Title: Expose SHA-256 or SHA-1 for Mail Attachments in Microsoft Graph
Problem Email attachments in Graph don’t include a content hash. To identify or match attachments, developers have to download the entire file first. That wastes bandwidth and time and increases exposure. OneDrive/SharePoint already return hashes, but mail does not, so experiences are inconsistent. Request Add a server-provided content hash to every mail attachment. Prefer SHA-256. If that’s not feasible initially, expose SHA-1 as a minimum to align with existing Drive item hashes. Benefits Faster and cheaper: avoid downloading large files just to tell if you already have them. Deduplication: detect repeated attachments across threads and mailboxes. Security operations: correlate attachments with threat intel by hash and triage suspicious emails without fetching payloads. eDiscovery and compliance: confidently match the same document across mail and files. Consistency: a predictable, uniform approach across Mail and OneDrive/SharePoint.
Outlook Classic for M365 - File > Encrypt > 'Encrypt-Only' option applies 'Do Not Forward' label?
I recently joined a new company and am helping support their M365 tenant and admin duties. I'm running into a very weird issue where no recipients can actually read/view the message when we encrypt emails using only 1 specific method (our organization largely uses the Outlook Classic for Microsoft 365 desktop app). If a user follows this method, for some reason the 'Do Not Forward' label is applied to the encryption, despite specifically selecting 'Encrypt-Only' - it defaults to 'Do Not Forward' every single time: New Email > File > Encrypt > Encrypt-Only Sending emails with this method gives any/all recipients a "You don't have sufficient permissions to open the mail." regardless of where they try to open the email (OWA, Outlook Classic, New Outlook) Yet, if the user tries this other method below - the proper Encrypt-Only label is applied, and any Outlook client immediately and opens/views the email as you'd expect: New Email > Options ribbon > Encrypt properly applies the Encrypt-Only label I verified IRM (Identity Rights Management) is enabled for our tenant: And encryption tests pass with flying colors: Ultimately, I'm at a loss for what's going on here and specifically where to check to fix this issue for this 1 specific encryption method. Poking around in the Purview portal, I'm having a hard time figuring out where these encryption policies/settings lie and how to get this method to stop defaulting to 'Do Not Forward' even though 'Encrypt-Only' is checked.Rules for Outlook (new) makes no sense.
I have tried now to use the new version of Outlook for both private and work use. Whenever I set up rules in classic Outlook, I always had to add a sound notification or for it to show me a desktop alert. Because if I have a rule that says "If I receive e-mail from person X, move to folder Y" I do not get a notification, and I risk missing them (which has happened a lot previously). Imagine my shock when I see that the new version of Outlook has dumbed down the rules significantly and restricted me to how I can use them. Is there a reason why we cannot add "show desktop alert" or for it to play a sound in the "actions" tab? I do not understand why this feature was removed, as well as removing auto archiving. I just don't understand why! Will the option for adding desktop alerts and for it to play sounds be added in the future?
GoDaddy to Microsoft 365 Email Account Transfer
Hi all, I'm working with a small company that just updated its business name. They want to update their Microsoft 365 licences to the new domain, which is currently registered with GoDaddy. As they weren't ready to change this straight away, some 365 (essential) Email accounts were set up in GoDaddy. Now they are ready to make the 365 update, but the email situation seems really confusing, and the two options seem to be: 1) delete the accounts and set them up again, 2) use GoDaddy to manage the changeover - but the tech support seemed a little vague on this and the timings. Has anyone used the GoDaddy managed change and was it successful? Or would you recommend doing it manually? (Or another option?) Sorry, I know versions of this have been asked before, but I'd really appreciate some up-to-date advice if possible. Thanks very much!
my microsoft account is hacked
5 days ago, i was trying to verify my account at a discord server, then i realize that they are hacking my account because of incoming security mails. they changed my account security mails. and they even changed my mail to mailto:email address removed for privacy reasons (my mail was mailto:email address removed for privacy reasons). i tried to save my account through "save your account", but it didnt work because i dont know the birth date of the e mail( i usually dont use my own (im not under 18)). i have bunch of proof that it was my e mail. i bought xbox pc game pass subscription 2-3 months ago and i bought minecraft pc edition 1 months ago with that microsoft account. i have all payment info etc. please give my microsoft account back. i am also uploading screenshots. please help me 😕 (sorry for poor language, the screenshots is turkish, if it is possible i need a turkish support people )'TO DO' MICROSOFT *STAFF*
Is there a Microsoft staff member who's a specialist in To Do, pls? When you only get support staff who aren't familiar with To Do, and even the support page applies to an old version, it's necessary to give this feedback to a line mgr. They also need to view 2 transcripts from me that highlight all the extra work they're creating for themselves. Does anyone have an email address for the To Do support mgr? By PM if prefer.Build Your AI Email Agent with Microsoft Copilot Studio
In this tutorial, you'll learn how to create an AI agent that can send emails on your behalf. We'll use Microsoft Copilot Studio and the robust infrastructure of Azure Communication Services to create the AI agent that can be published on M365 Copilot, Teams, the web and many more. You can view the video tutorial for creating your AI agent below: Prerequisites: Microsoft Copilot Studio Access: You will need a license to use the platform. Azure Subscription: An active Azure account is required to set up the email sending service. Step 1: Create Your First Agent in Copilot Studio First, we'll create the basic framework for our AI assistant. Navigate to Copilot Studio: Open your web browser and go to copilotstudio.microsoft.com. Describe Your Agent: On the homepage, you'll see a prompt that says, "Describe your agent to create it." In the text box, type a simple description of what you want your agent to do. For this tutorial, use: "I want to create an agent that can send out emails using Azure communication services." Configure the Agent: Copilot Studio will generate a basic agent for you. You'll be taken to a configuration page. Give your agent a descriptive name, such as "AI Email Agent." Review the auto-generated description and instructions. You can modify these later if needed. Create the Agent: Click the Create button. Copilot Studio will now set up your agent's environment. Step 2: Set Up Your Email Service in Azure To give your agent the ability to send emails, we need to configure a backend service in Microsoft Azure. Go to the Azure Portal: Log in to your account at portal.azure.com. Create Resources: You will need to create two services: Communication Services: Search for "Communication Services" in the marketplace and create a new resource. This will serve as the main hub. More details can be found here: Create a communication service resource. Email Communication Services: Search for "Email Communication Services" and create this resource. This service is specifically for adding email capabilities. More details can be found here: Send email via azure communication services email Get Your Sender Address: Once these resources are created, you will have a sender address (e.g., DoNotReply@...). This is the email address your AI agent will use. Step 3: Connect Your Services with an Azure Function We need a way for Copilot Studio to communicate with Azure Communication Services to send the email. An Azure Function is the perfect tool to act as this bridge. Create a Function App: In the Azure portal, create a new Function App. This app will host our code. When setting it up, select Python as the runtime stack. Develop the Function: You'll write a simple Python script that acts as a web API. This script will: Receive data (recipient, subject, body) from Copilot Studio. Connect to your Azure Communication Services resource. Send the emai The code for the Azure Function app can be found on our Github page Deploy the Function: Once your code is ready, deploy it to the Function App you created. After deployment, make sure to get the Function URL, as you'll need it in the next step. In the Azure portal head over to your Function App. Go to Settings > Environment Variables, click Add. Add the following: Name: ACS_CONNECTION_STRING Value: <insert your connection string> Name: ACS_SENDER_EMAIL Value: <insert your send email address> (e.g. “DoNotReply@...) Make sure to click Apply, so your settings are applied. Note: For this tutorial, you can use Visual Studio Code with the "Azure Functions" and "Azure Resources" extensions installed to write and deploy your code efficiently. Step 4: Design the Conversation Flow in Copilot Studio Now, let's teach our agent how to interact with users to gather the necessary email details. We'll do this using a "Topic." Go to the Topics Tab: In your Copilot Studio agent, navigate to the Topics tab on the menu. Create a New Topic: Click + Add a topic and select From blank. You can ask Copilot to create a topic for you but for this tutorial we are going to create from scratch. Set the Trigger: The first node is the Trigger. This is what starts the conversation. Click on it and under "Phrases," add phrases like "send an email." This means whenever a user types this phrase, this topic will activate. Ask for the Recipient: Click the + icon below the trigger and select Ask a question. In the text box, type: "What's the recipient email?" Under "Identify," choose User's entire response. Save the response in a new variable called varRecipient. Ask for Subject and Body: Repeat the process above to ask for the Subject and Message body. Save the responses in variables named varSubject and varBody, respectively. Ask for Personalization (Optional): You can also ask for the Recipient's name for a personalized greeting and save it in a variable called varName. Step 5: Call the Azure Function to Send the Email With all the information gathered, it's time to send it to our Azure Function. Add an HTTP Request Node: Click the + icon below your last question. Go to Advanced > Send HTTP request. Configure the Request: URL: Paste the Function URL you copied from your Azure Function. Method: Select POST. Headers and body: Click Edit. For the body, select JSON content and use the formula editor to structure your data, mapping your topic variables (e.g., Topic.varSubject, Topic.varBody) to the JSON fields your function expects. Save the Response: The result from the Azure Function can be saved to a variable, such as varSendResult. This allows you to check if the email was sent successfully. Step 6: Test and Publish Your Agent Your AI email assistant is now fully configured! Let's test it out. Open the Test Panel: On the right side of the screen, open the Test your agent panel. Start a Conversation: Type your trigger phrase, "send an email," and press Enter. Follow the Prompts: The agent will ask you for the recipient, subject, and body. Provide the information as requested. Check Your Inbox: The agent will process the request and send the email. Check the recipient's inbox to confirm it has arrived! Publish: Once you are satisfied with the agent's performance, click the Publish button at the top of the page. You can then go to the Channels tab to deploy your agent to various platforms like Microsoft Teams, a demo website, or even Facebook. Congratulations! You have successfully built and deployed a functional AI email agent. Debugging and Troubleshooting Agent asking unnecessary information: If you want the agent to only ask the question that you have input and to not add anything extra. In your agent settings in Copilot Studio, turn off generative AI orchestration. This will force the AI agent to only asks questions Agent stuck in a loop: If, after sending, the agent jumps back to “What’s the recipient email?”, explicitly end the topic. Add + → Topic management → End current topic immediately after your success message. If you want branching, remember the HTTP Request action has no built-in success check, you can save the response (e.g., varSendResult), add a Condition that tests varSendResult.ok == true, and on success send a confirmation and End current topic to prevent loops.SPF, DKIM and DMARC bypassed for guest users
I manage a small non-profit using Microsoft 365 Business Basic. Most of the people on our board of directors are added as unlicensed guest users so that they can participate in Teams chats and meetings and to access our Sharepoint without using up a license. The problem: any email sent from an internal licensed user (or shared mailbox) to one of these guest users completely bypasses our domain's SPF, DKIM and DMARC configuration, resulting in bounced emails (particularly for recipients using gmail). Mail sent from an internal licensed user to any external address NOT registered as a guest user correctly passes SPF, DKIM and DMARC checks. I gather that this is because guest users are viewed as "internal" despite having external email addresses, but it seems like a serious limitation if I cannot reliably send email to anyone who is a guest user. Is there any extra configuration I can do to enable SPF, DKIM and DMARC for email to guest users?
I Can't use my own name to create a new Microsoft account in India.
I am an Indian Microsoft user, my full name is Aryan Rajput, which is legally registered by my parents in my country Republic of India. I don't know any norms of European countries about registering names, I don't know what restrictions are made, I can clarify my name, in my present situation is legal and legit. Moreover, none of my associates (including my parents) are pro-Nazi, and let me tell you leader of Nazism (I don't want to tell his name here hence I might be banned maybe) inspired by Indian culture and adopted terms like my name (Aryan means noble). Hence Microsoft should allow me to adopt my name in creating new account, because it's my right! At least they must allow in India where it is legal I hope the management would take necessary steps accordingly
