If you are using Exchange Online, you may already know the ‘Report message’ add-in to report junk or phishing emails

image

But as an administrator, do you know where to get these reports, and do you know you can also get notified?

I’m sure not, so here it is:

Access Users Reported Message

  • first, you can get all these reports and review them to take appropriate actions from the Security and Compliance portal (https://protection.office.com/)

image

  • Go to the Threats Management\Review options and then open the User-reported messages toolbox you will be able to identify who reported the message, subject, sender, source IP and the report type (which can be helpful to identify false positive)

image

  • Then if you click on the user reporting, the subject or the source IP you will get additional details to help you adjust your mail hygiene settings

imageimageimage

Get Notified when user reports junk mail

  • Next, as you may not access the Security and Compliance portal every 5 minutes, you can setup a rule to get notified
  • Access your Exchange Online ECP (https://outlook.office365.com/ecp) and go to the Mail flow\Rules section

image

  • Create a new rule with the following configuration:
    • Apply this rule: The recipient address includes
    • Words: junk@office365.microsoft.com and phish@office365.microsoft.com
    • Do the following: Bcc the message to and select the recipient to get Bcc

imageimageimage

That’s it, next time users report junk/phishing, you will get notified.