Solved: Re: Approval - Actionable Messages - Page 2

DaveM · ‎06-19-2018

Hi All,

I've set up a flow for an approval, which is working ok, but I'm not seeing the actionable messages in Outlook or OWA.

We're using Microsoft Office 365 ProPlus (Outlook 2016), Version 1805 (Build 9330.2124 Click-to-Run), Monthly Channel.

This is the flow.

This is what I see in Outlook and in OWA:

Any idea why I wouldn't see the actionable messages? Is this feature fully rolled out or is there something I'm doing wrong?

Anonymous · ‎05-06-2019

We had same problem of yours. The cause was third part email filter (Mimecast), and classifying microsoft sender email in white list, actionable email appeared!

Nathanw · ‎06-04-2019

How did you do that? Did you just add the Microsoft Flow <maccount@microsoft.com> email address into the whitelist? Thanks.

Anonymous · ‎06-05-2019

Exactly, we added sender email to MIMECAST whitelist, and problems solved

nathanw1 · ‎06-06-2019

We went under Directories > Profile Groups, and then added "maccount" as Address and "@microsoft.com" as Domain. But it still is not working. Did we do it wrong?

Thanks!

Anonymous · ‎06-07-2019

Looking for all config we made, I found these additional ones on our firewall:

1) maccount@microsoft.com MESSAGGE ACTION to EVERYBODY

2) maccount@microsoft.com IMPERSONIFICATION PROTECTION BYPASS to INTERNAL

3) maccount@microsoft.com URL PROTECTION BYPASS to INTERNAL

I'm not able to attach a screenshot here, if you nedd I can send you an email with picture of our config

nathanw1 · ‎06-13-2019

Could you please send a screen shot to me? My email address is: n_y_wang@hotmail.com.

We are still having trouble with whitelisting maccount@microsoft.com.

Thanks for your help!

longathrow · ‎11-12-2019

Hi All,

To get this to work easily, you only need one policy. Do the following;

Administration -> Gateway -> Policies -> URL Protection Bypass

Create a New Policy

Policy Narrative: Allow Microsoft - Call this whatever you want

Select Option: Disable URL Protection

Addresses Based On: The Message From Address (Message Header From)

Applies From: Email Domain - This is up to you, but I'm happy to whitelist the entire Microsoft domain as it effects other things like Planner.

Specifically: microsoft.com - Once again this will be dependent on the Applies From setting

Applies To: Internal Addresses

Specifically: Applies to all Internal Recipients

Enable / Disable: Enable

planetparker · ‎02-06-2020

Holy moly folks! A bit of a security risk in nice-listing such a generic and widely known sending email address, don't ya think?

longathrow · ‎02-06-2020

Care to explain @planetparker it's not like we are whitelisting the envelope only the header. In all cases any whitelist is a security risk, so this isn't treated any differently. Software can only protect you so much, education is the best form of protection.

planetparker · ‎02-08-2020

Well, it would seem like anybody who can spoof a sender address could pass their email off as coming from Microsoft, and possibly fool your users into clicking links. Or are there other protections in place that help with that?

I've been waiting for microsoft to allow each tenant to change the sending address for tenant-generated emails like these for a long time. Sure would beat nice-listing a Microsoft address, imo.

longathrow · ‎02-09-2020

@planetparkerthere is a difference between envelop and header email addresses. Once again only allowing headers through not envelop.

Approval - Actionable Messages

Helpful resources

Power Automate News & Announcements

Community Calls Conversations

Power Automate Community Blog