I've set up a flow for an approval, which is working ok, but I'm not seeing the actionable messages in Outlook or OWA.
We're using Microsoft Office 365 ProPlus (Outlook 2016), Version 1805 (Build 9330.2124 Click-to-Run), Monthly Channel.
This is the flow.
This is what I see in Outlook and in OWA:
Any idea why I wouldn't see the actionable messages? Is this feature fully rolled out or is there something I'm doing wrong?
Solved! Go to Solution.
We went under Directories > Profile Groups, and then added "maccount" as Address and "@microsoft.com" as Domain. But it still is not working. Did we do it wrong?
Looking for all config we made, I found these additional ones on our firewall:
1) email@example.com MESSAGGE ACTION to EVERYBODY
2) firstname.lastname@example.org IMPERSONIFICATION PROTECTION BYPASS to INTERNAL
3) email@example.com URL PROTECTION BYPASS to INTERNAL
I'm not able to attach a screenshot here, if you nedd I can send you an email with picture of our config
Could you please send a screen shot to me? My email address is: firstname.lastname@example.org.
We are still having trouble with whitelisting email@example.com.
Thanks for your help!
To get this to work easily, you only need one policy. Do the following;
Administration -> Gateway -> Policies -> URL Protection Bypass
Create a New Policy
Policy Narrative: Allow Microsoft - Call this whatever you want
Select Option: Disable URL Protection
Addresses Based On: The Message From Address (Message Header From)
Applies From: Email Domain - This is up to you, but I'm happy to whitelist the entire Microsoft domain as it effects other things like Planner.
Specifically: microsoft.com - Once again this will be dependent on the Applies From setting
Applies To: Internal Addresses
Specifically: Applies to all Internal Recipients
Enable / Disable: Enable
Holy moly folks! A bit of a security risk in nice-listing such a generic and widely known sending email address, don't ya think?
Care to explain @planetparker it's not like we are whitelisting the envelope only the header. In all cases any whitelist is a security risk, so this isn't treated any differently. Software can only protect you so much, education is the best form of protection.
Well, it would seem like anybody who can spoof a sender address could pass their email off as coming from Microsoft, and possibly fool your users into clicking links. Or are there other protections in place that help with that?
I've been waiting for microsoft to allow each tenant to change the sending address for tenant-generated emails like these for a long time. Sure would beat nice-listing a Microsoft address, imo.
@planetparkerthere is a difference between envelop and header email addresses. Once again only allowing headers through not envelop.
Keep up to date with current events and community announcements in the Power Automate community.
A great place where you can stay up to date with community calls and interact with the speakers.
Check out the latest Community Blog from the community!