This article contains information on setting up and managing Outlook End User Reporting in Mimecast Email Security Cloud Integrated, including configuration, troubleshooting, and compatibility details.
Prerequisites
Setting up Outlook End User Reporting
Configuration via Email Security Cloud Integrated
You can set up Microsoft End User Reporting so your users can use the native reporting button to report suspicious messages. As part of this process, a SecOps Mailbox is automatically set up for you.
You do not require a license for the SecOps Mailbox.
You can set up Microsoft End User Reporting and the SecOps Mailbox, by using the following steps:
- Log in to Email Security Cloud Integrated.
- On the Home screen, you will see that the new end-user reporting features are available.
If you accidentally close this banner on the Home Screen, follow the instructions for Repair, Reinstall, and Removal, after which you can install the feature.
- Click Configure Now to set up this feature, and click on Confirm.
- You will be automatically taken to Configuration | Service Authorizations | Microsoft 365 Mail, where you can see the configuration's progress, including the status of the new SecOps Mailbox and the Enable end-user receipt confirmation section.
- Once configuration is complete, end-user notifications can be disabled, if desired, before clicking on Confirm.
- End-user notifications are enabled by default but can be disabled as required. You can also change settings for this via Configuration | Service Authorizations.
- The configuration process usually takes 10-15 minutes.
- You can use the Partial Domain Support functionality to select which groups of users the Microsoft End User Reporting feature is targeted to be applied to.
Microsoft 365 Troubleshooting
Settings with Microsoft 365 for Microsoft End User Reporting are updated for you as part of the configuration process for this feature.
To assist with Troubleshooting, you can review these settings by using the following steps:
- Log in to Microsoft 365 Admin Center.
- Navigate to Show All | Security.
- In the Security Admin Center, navigate to Settings | Email & Collaboration | User reported settings.
- Locate the Outlook section.
- You can select from a choice of options under "Send reported messages to:"
-
- Microsoft only sends reported messages to Microsoft. If you had this set before configuring the native reporting button in Microsoft Outlook, it will automatically change to My Reporting Mailbox Only.
-
My Reporting Mailbox Only sends reported messages to the reporting mailbox created during configuration.
- Microsoft and My Reporting Mailbox gives you the option to send reported messages to Microsoft and designated mailbox(es):
- If Microsoft and My Reporting Mailbox were already selected before configuration, this will not be changed, and no listed mailboxes will be deleted.
- The SecOps Mailbox created during configuration will automatically be populated into the Add an Exchange online mailbox to send reported messages to: field.
When using this option, your users can continue to send reported emails to Microsoft, as this doesn’t affect our scanners or our process of updating them.
You can view details for the SecOps Mailbox that has been automatically set up, by using the following steps:
- Navigate to Teams & Groups | Shared mailboxes; your SecOps Mailbox will appear here.
- Navigate to Policies & Rules | Threat policies | Advanced delivery. Your SecOps Mailbox is displayed, and you are informed that emails sent to these mailboxes are delivered unfiltered (with no additional scanning for spam/malware/phishing so that messages are received in their entirety).
Re-install / Repair the Microsoft Reporting Configuration
You can repair or re-install Microsoft's native end-user reporting configuration, using the following steps:
- Navigate to Configuration | Service Authorization | Settings (Microsoft 365 Mail).
- Click Reconfigure Reporting.
End User Reporting
- These messages cannot be edited, nor can they update the branding.
- Mimecast does not receive the message's contents; it only receives a notification that the message has been reported. At this point, we check if the user is a part of a targeted group (if that feature is used). We drop the message if the user is not part of a targeted group.
Suspicious Message Reporting
When end-users report a suspicious message, they will receive a notification thanking them for reporting it.
Reporting Awareness Training Phishing Simulations
When an end-user reports an Awareness Training phishing simulation message, they will receive a "Congratulations" message to explain that they've successfully reported it. Awareness training statistics will be updated.
Microsoft Compatibility
- The built-in reporting button in most Microsoft Outlook client applications.
- The Microsoft reporting add-in.
The reporting add-in documentation can be found in Microsoft's documentation, and Microsoft maintains these reporting methods.
| Platform | Client | Compatibility |
|---|---|---|
| Web | Outlook web access | Built-in reporting |
| Microsoft Windows | Outlook "legacy" | Reporting add-in |
| Microsoft Windows | Outlook "new" | Built-in reporting |
| Apple iOS | Outlook mobile | Built-in reporting |
| Google Android | Outlook mobile | Built-in reporting |
| Apple MacOS | Outlook "legacy" | Reporting add-in |
| Apple MacOS | Outlook "new" | Reporting add-in |
Turning off Notifications
End-user notifications can be turned off within Email Security Cloud Integrated by navigating to Configuration | Service Authorizations | Settings.
Comments
Please sign in to leave a comment.