Forum Discussion
Skipster311-1
Aug 17, 2021, Iron Contributor
Outlook report add-in
Hello. In an effort to move away from users using "safe senders" in Outlook, we are considering using the report add-in. However, when I review the permissions the add-in has, it's a bit concerning. I'm r...
- Sep 08, 2021
Hi,
Users or admins can add senders to the Safe Senders list of the mailbox, but this is not desirable in most situations since senders will bypass parts of the filtering stack. Although you trust the sender, the sender can still be compromised and send malicious content. It is best that you let our filters do what is needed to check every message and then report the false positive/negative to Microsoft if our filters got it wrong. Bypassing the filtering stack also interferes with ZAP.
As far as the Report Message add-in is concerned, the permissions are necessary. As stated in other comments, we do need to read the contents, but that is based on and only for what the end-user wants to report. The change permission is similar in that we move the message between folders when users report something. For example, if you report a phish, we will move the item from the Inbox to the Deleted Items folder if necessary.
I hope this addresses your concerns. By the way, admin submissions is also another way to submit messages to Microsoft for review without installing the add-in but it does require the admin to find instead. More details can be found here: Manage submissions - Office 365 | Microsoft Docs.
Thanks!
VasilMichev
Aug 18, 2021, MVP
Well it does perform a Send operation, so it needs to be able to read the content of the message. It also deletes it (move to junk) when you press the report button, thus the "change" permissions.
If you are not happy with this, you can send messages directly (https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/submit-spam-non-spam-and-phishing-scam-messages-to-microsoft-for-analysis?view=o365-worldwide) or write your own add-in.
Skipster311-1
Aug 18, 2021, Iron Contributor
Understood. Is this feature Microsoft's approach to replacing "safe senders" in Outlook? I notice Microsoft doesn't recommend using "safe senders".
- VasilMichev, Aug 18, 2021, MVP: No, it's not a replacement for safe senders.
- Skipster311-1, Aug 18, 2021, Iron Contributor: Okay. From my understanding, Microsoft does not recommend using safe senders. This appears to create more work for the O365 admin, because Microsoft recommends using transport rules to allow the email to go to the user's inbox, and I understand why, but this creates overhead for the O365 admin. What is your thought on this? Do you recommend using safe senders in Outlook, or disabling the ability using GPO?