Hi All,
I've set up a flow for an approval, which is working ok, but I'm not seeing the actionable messages in Outlook or OWA.
We're using Microsoft Office 365 ProPlus (Outlook 2016), Version 1805 (Build 9330.2124 Click-to-Run), Monthly Channel.
This is the flow.
This is what I see in Outlook and in OWA:
Any idea why I wouldn't see the actionable messages? Is this feature fully rolled out or is there something I'm doing wrong?
Solved! Go to Solution.
We had same problem of yours. The cause was third part email filter (Mimecast), and classifying microsoft sender email in white list, actionable email appeared!
How did you do that? Did you just add the Microsoft Flow <maccount@microsoft.com> email address into the whitelist? Thanks.
Exactly, we added sender email to MIMECAST whitelist, and problems solved
We went under Directories > Profile Groups, and then added "maccount" as Address and "@microsoft.com" as Domain. But it still is not working. Did we do it wrong?
Thanks!
Looking for all config we made, I found these additional ones on our firewall:
1) maccount@microsoft.com MESSAGGE ACTION to EVERYBODY
2) maccount@microsoft.com IMPERSONIFICATION PROTECTION BYPASS to INTERNAL
3) maccount@microsoft.com URL PROTECTION BYPASS to INTERNAL
I'm not able to attach a screenshot here, if you nedd I can send you an email with picture of our config
Could you please send a screen shot to me? My email address is: n_y_wang@hotmail.com.
We are still having trouble with whitelisting maccount@microsoft.com.
Thanks for your help!
Hi All,
To get this to work easily, you only need one policy. Do the following;
Administration -> Gateway -> Policies -> URL Protection Bypass
Create a New Policy
Policy Narrative: Allow Microsoft - Call this whatever you want
Select Option: Disable URL Protection
Addresses Based On: The Message From Address (Message Header From)
Applies From: Email Domain - This is up to you, but I'm happy to whitelist the entire Microsoft domain as it effects other things like Planner.
Specifically: microsoft.com - Once again this will be dependent on the Applies From setting
Applies To: Internal Addresses
Specifically: Applies to all Internal Recipients
Enable / Disable: Enable
Holy moly folks! A bit of a security risk in nice-listing such a generic and widely known sending email address, don't ya think?
Care to explain @planetparker it's not like we are whitelisting the envelope only the header. In all cases any whitelist is a security risk, so this isn't treated any differently. Software can only protect you so much, education is the best form of protection.
Well, it would seem like anybody who can spoof a sender address could pass their email off as coming from Microsoft, and possibly fool your users into clicking links. Or are there other protections in place that help with that?
I've been waiting for microsoft to allow each tenant to change the sending address for tenant-generated emails like these for a long time. Sure would beat nice-listing a Microsoft address, imo.
@planetparkerthere is a difference between envelop and header email addresses. Once again only allowing headers through not envelop.
User | Count |
---|---|
27 | |
16 | |
15 | |
12 | |
11 |
User | Count |
---|---|
43 | |
30 | |
28 | |
23 | |
23 |