Microsoft Exchange Online is a lot more than just your average mailserver. It includes a sophisticated anti-spam mechanism. Millions of e-mails coming in every day to over 200 million users (2019) make it that Microsoft has a pretty good idea of what mail is legit and what mail is better to be avoided. The sample size is extremely big and that makes it much easier to see emerging trends and threats.
As part of the delivered service, Microsoft will block a lot of spam, phishing, and malware right at the gate before it even enters your mailbox. If some mail is overlooked at first but later found to be malicious or unwanted, the system can even go in and remove mail retroactively (if configured to do so).
Still, there are always those few pesky e-mails that somehow slipped right through the gates and end up in a mailbox. Your well-trained users, of course, know to ignore such an email. Or even better, they delete it. It doesn’t help to filter that e-mail address in your spam settings. There’s something much better they can do: report spam to Microsoft for further analyses. Microsoft uses these submissions to improve the effectiveness of email protection technologies. You and other recipients could benefit greatly from these spam-reports. It allows future similar emails to be blocked for you and millions of other people.
Microsoft created an Office add-on just for this purpose. They named it: Report Message.
Installing the Report Message add-on
Don’t worry, Office 365 can install (and remove) add-ons via the admin portal. No need to bring in the local SCCM expert to package some software.
As a global admin, you go to your Office 365 admin center and click on Settings – Add-ins. From here you can set up addons that will be sent out to your users in both their Outlook client (PC and Mac) and Outlook on the web.
Click on “Deploy Add-In”, click Next on the screen that pops up and select the “Choose from the Store” option.
Now, simply type the name of the add-in you are looking for. In this case, it is “Report Message”.
Click Add to add it to your tenant. As with all add-ins, you get to choose who can use it and how it is distributed.
A first deployment can take over 24 hours to process. You get an e-mail when it is done for your tenant. After that, it takes an extra day or so before all users have the add-in installed. Patience is a virtue. Once installed, your users see a new button in Outlook where they can report spam straight from their mailbox.
This is not where the fun ends. By default, all messages go to Microsoft. However, it is also possible to send these reports to a local team for processing, or both. To visit these settings, go to https://protection.office.com/ – Threat Management – Policy – User Submissions and there to you can select what you want:
By default, your message will go to Microsoft but as you can see, it is possible to change that setting.