cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
DaveM
Advocate I
Advocate I

Approval - Actionable Messages

Hi All,

 

I've set up a flow for an approval, which is working ok, but I'm not seeing the actionable messages in Outlook or OWA.

We're using Microsoft Office 365 ProPlus (Outlook 2016), Version 1805 (Build 9330.2124 Click-to-Run), Monthly Channel.  

 

This is the flow.

Flow.PNG

 

This is what I see in Outlook and in OWA:

Email.PNG

 

Any idea why I wouldn't see the actionable messages?  Is this feature fully rolled out or is there something I'm doing wrong?

30 REPLIES 30
Anonymous
Not applicable

We had same problem of yours. The cause was third part email filter (Mimecast), and classifying microsoft sender email in white list, actionable email appeared! 

How did you do that? Did you just add the Microsoft Flow <maccount@microsoft.com> email address into the whitelist? Thanks.

Anonymous
Not applicable

Exactly, we added sender email to MIMECAST whitelist, and problems solved

We went under Directories > Profile Groups, and then added "maccount" as Address and "@microsoft.com" as Domain. But it still is not working. Did we do it wrong?

 

Thanks!

Anonymous
Not applicable

Looking for all config we made, I found these additional ones on our firewall:

 

1) maccount@microsoft.com MESSAGGE ACTION to EVERYBODY

2) maccount@microsoft.com IMPERSONIFICATION PROTECTION BYPASS to INTERNAL

3) maccount@microsoft.com URL PROTECTION BYPASS to INTERNAL

 

I'm not able to attach a screenshot here, if you nedd I can send you an email with picture of our config

 

Could you please send a screen shot to me? My email address is: n_y_wang@hotmail.com.

 

We are still having trouble with whitelisting maccount@microsoft.com.

 

Thanks for your help!

Hi All,

 

To get this to work easily, you only need one policy.  Do the following;

 

Administration -> Gateway -> Policies -> URL Protection Bypass

 

Create a New Policy

 

Policy Narrative: Allow Microsoft - Call this whatever you want

Select Option: Disable URL Protection

Addresses Based On: The Message From Address (Message Header From)

Applies From: Email Domain - This is up to you, but I'm happy to whitelist the entire Microsoft domain as it effects other things like Planner.

Specifically: microsoft.com - Once again this will be dependent on the Applies From setting

Applies To: Internal Addresses

Specifically: Applies to all Internal Recipients

Enable / Disable: Enable

Holy moly folks!  A bit of a security risk in nice-listing such a generic and widely known sending email address, don't ya think?

Care to explain @planetparker it's not like we are whitelisting the envelope only the header. In all cases any whitelist is a security risk, so this isn't treated any differently.  Software can only protect you so much, education is the best form of protection.

Well, it would seem like anybody who can spoof a sender address could pass their email off as coming from Microsoft, and possibly fool your users into clicking links.  Or are there other protections in place that help with that?  

 

I've been waiting for microsoft to allow each tenant to change the sending address for tenant-generated emails like these for a long time.  Sure would beat nice-listing a Microsoft address, imo.

@planetparkerthere is a difference between envelop and header email addresses. Once again only allowing headers through not envelop.

Helpful resources

Announcements
Power Automate News & Announcements

Power Automate News & Announcements

Keep up to date with current events and community announcements in the Power Automate community.

Community Calls Conversations

Community Calls Conversations

A great place where you can stay up to date with community calls and interact with the speakers.

Power Automate Community Blog

Power Automate Community Blog

Check out the latest Community Blog from the community!

Users online (3,754)