Forum Discussion
Title: Expose SHA-256 or SHA-1 for Mail Attachments in Microsoft Graph
Problem
Email attachments in Graph don’t include a content hash. To identify or match attachments, developers have to download the entire file first. That wastes bandwidth and time and increases exposure. OneDrive/SharePoint already return hashes, but mail does not, so experiences are inconsistent.
Request
Add a server-provided content hash to every mail attachment. Prefer SHA-256. If that’s not feasible initially, expose SHA-1 as a minimum to align with existing Drive item hashes.
Benefits
- Faster and cheaper: avoid downloading large files just to tell if you already have them.
- Deduplication: detect repeated attachments across threads and mailboxes.
- Security operations: correlate attachments with threat intel by hash and triage suspicious emails without fetching payloads.
- eDiscovery and compliance: confidently match the same document across mail and files.
- Consistency: a predictable, uniform approach across Mail and OneDrive/SharePoint.
1 Reply
Best post this over at the Feedback portal: https://feedbackportal.microsoft.com/feedback/forum/ebe2edae-97d1-ec11-a7b5-0022481f3c80
