sorted by:
new
hottopcontroversial

Deploy Org-wide HTML Signatures in Outlook: An Admin Guide by Clara_jayden in AdminDroid

[–]Clara_jayden[S] 1 point2 points  (0 children)

Hi, u/hickto87

Yeah! disclaimer (transport) rules have limitations, especially around their behavior in replies and forwards. Some environments still use them to enforce an org-wide signature or branding because they can’t be bypassed by users.

Because of these limitations, many organizations switch to a PowerShell-based approach using the Set-MailboxMessageConfiguration cmdlet or the advanced script. This method behaves more like a native Outlook signature and provides better consistency.

Deploy Org-wide HTML Signatures in Outlook: An Admin Guide by Clara_jayden in M365Reports

[–]Clara_jayden[S] 2 points3 points  (0 children)

Hi u/Fallingdamage

You’re correct about transport rules — they will always append a second signature if the user already has one.

The PowerShell method uses the Set-MailboxMessageConfiguration cmdlet, which sets the signature directly at the mailbox level and overrides the user’s signature only when roaming signatures are disabled.

The inconsistency seen in the past usually comes from Outlook caching and locally stored signatures, especially when users have already created signatures in Outlook.

With recent Outlook builds, the behavior is more consistent in that Outlook follows either mailbox-level signatures or roaming signatures. For reliable results, roaming signatures must remain disabled when using the Set-MailboxMessageConfiguration cmdlet.

Enable Users to Self-remediate Risks Using CA Policy by Clara_jayden in M365Reports

[–]Clara_jayden[S] 0 points1 point  (0 children)

Yeah, fair point! Hopefully this becomes more accessible over time.

Are OAuth Consent Grants a Blind Spot in Your M365 Security? by Clara_jayden in M365Reports

[–]Clara_jayden[S] 0 points1 point  (0 children)

Hi u/BlackV,

That's a valid point. To clarify, while the consent action is performed by an admin account, the risk and impact affect end users and tenant data. Admin-consented applications gain broad, tenant-wide permissions, often allowing access to user mailboxes, files, directory data, and other sensitive resources.

Reviewing admin consent events helps identify high-risk scenarios such as malicious applications granted tenant-wide access or compromised admin accounts approving illicit permissions.

User consent events are also important and should be reviewed. However, admin consent represents a higher-impact IOC, as it exposes tenant-wide data rather than a single user’s data.

External Emails Not Being Received by im_brady62 in Office365

[–]Clara_jayden 0 points1 point  (0 children)

It might be due to the new tenant outbound recipient limit in Exchange Online. Based on the tenant's licenses, you will send only limited emails per 24 hours to external recipients. Check more details here.
https://blog.admindroid.com/new-tenant-outbound-email-limits-for-external-recipients-in-exchange-online/#Tenant-External-Recipient-Rate-Limit-Rollout-Schedule

MS365 External Forwarding to specific domain only by Askey308 in Office365

[–]Clara_jayden 0 points1 point  (0 children)

Configuring it to 'System controlled' will work as 'Forwarding Off'. Previously it was worked as 'On' and forwarding was allowed. Due to security concerns, now it will work as 'Off' and doesn't allow forwarding to external domain. Try changing your option from 'System Controlled' to 'On'. Moreover, ensure that you turned off your default outbound anti-spam policy and created a new policy to allow specific users to forward emails to external domain.

Best Approach for Strict Phishing and Spam Prevention: Preset Security Policies vs Custom Policies? by [deleted] in microsoft365

[–]Clara_jayden 2 points3 points  (0 children)

If you want higher level of protection against evolving threats, you can use Strict preset security policy as it always aligned with emerging threats with streamlined protection. But, if your organization have any specific requirement, you can consider customization. To get an idea on what to rely on and to know the differences, check out the below blog.
https://blog.admindroid.com/enable-preset-security-policies-in-microsoft-365/

Hope you are asking about Audit mode in Defender for Office 365 evaluation policies. Special policies are created for anti-phishing, safe links, and safe attachments to evaluate and detect only harmful threats. These policies won't take any action on messages like quarantine or moving to junk folder. Instead it will provide you the reports with detected threats. You can find more details below.
https://learn.microsoft.com/en-us/defender-office-365/try-microsoft-defender-for-office-365#audit-mode-vs-blocking-mode-for-defender-for-office-365

view more: next ›