Enable the Report Message add-in
Note
If you're an admin in a Microsoft 365 organization with Exchange Online mailboxes, we recommend that you use the Submissions portal in the Security & Compliance Center. For more information, see Use Admin Submission to submit suspected spam, phish, URLs, and files to Microsoft.
The Report Message add-in for Outlook and Outlook on the web (formerly known as Outlook Web App) enables people to easily report false positives (good email marked as bad) or false negatives (bad email allowed) to Microsoft and its affiliates for analysis. Microsoft uses these submissions to improve the effectiveness of email protection technologies.
For example, suppose that people are reporting a lot of messages as phishing. This information surfaces in the Security Dashboard and other reports. Your organization's security team can use this information as an indication that anti-phishing policies might need to be updated. Or, if people are reporting a lot of messages that were flagged as junk mail as Not Junk by using the Report Message add-in, your organization's security team might need to adjust anti-spam policies.
In addition, if your organization is using Office 365 Advanced Threat Protection Plan 1 or Plan 2, the Report Message add-in provides your organization's security team with useful information they can use to review and update security policies.
Admins can enable the Report Message add-in for the organization, and individual users can install it for themselves.
If you're an individual user, you can enable the Report Message add-in for yourself.
If you're a global administrator or an Exchange Online administrator, and Exchange is configured to use OAuth authentication, you can enable the Report Message add-in for your organization. The Report Message Add-In is now available through Centralized Deployment.
What do you need to know before you begin?
The Report Message add-in works with most Microsoft 365 subscriptions and the following products:
- Outlook on the web
- Outlook 2013 SP1 or later
- Outlook 2016 for Mac
- Outlook included with Microsoft 365 apps for Enterprise
The Report Message add-in is currently not available for:
- Mailboxes in on-premises Exchange organizations
- GCC, GCC HIGH, or DoD subscriptions
You can configure reported messages to be copied or redirected to a mailbox that you specify. For more information, see Specify a mailbox for user submissions of spam and phishing messages in Exchange Online.
Your existing web browser should work with the Report Message add-in. But, if you notice the add-in is not available or not working as expected, try a different browser.
For organizational installs, the organization needs to be configured to use OAuth authentication. For more information, see Determine if Centralized Deployment of add-ins works for your organization.
Admins need to be a member of the Global admins role group. For more information, see Permissions in the Security & Compliance Center.
Get the Report Message add-in for yourself
Go to the Microsoft AppSource at https://appsource.microsoft.com/marketplace/apps and search for the Report Message add-in. To go directly to the Report Message add-in, go to https://appsource.microsoft.com/product/office/wa104381180.
Click GET IT NOW.
In the dialog that appears, review the terms of use and privacy policy, and then click Continue.
Sign in using your work or school account (for business use) or your Microsoft account (for personal use).
After the add-in is installed and enabled, you'll see the following icons:
In Outlook, the icon looks like this:
In Outlook on the web, the icon looks like this:
To learn how to use the add-in, see Use the Report Message add-in.
Get and enable the Report Message add-in for your organization
Note
It could take up to 12 hours for the add-in to appear in your organization.
In the Microsoft 365 admin center, go to the Services & add-ins page at https://admin.microsoft.com/AdminPortal/Home#/Settings/ServicesAndAddIns, and then click Deploy Add-In.
In the Deploy a new add-in flyout that appears, review the information, and then click Next.
On the next page, click Choose from the Store.
In the Select add-in page that appears, click in the Search box, enter Report Message, and then click Search
. In the list of results, find Report Message and then click Add.
In the dialog that appears, review the licensing and privacy information, and then click Continue.
In the Configure add-in page that appears, configure the following settings:
Assigned users: Select one of the following values:
- Everyone (default)
- Specific users / groups
- Just me
Deployment method: Select one of the following values:
- Fixed (Default): The add-in is automatically deployed to the specified users and they can't remove it.
- Available: Users can install the add-in at Home > Get add-ins > Admin-managed.
- Optional: The add-in is automatically deployed to the specified users, but they can choose to remove it.
When you're finished, click Deploy.
In the Deploy Report Message page that appears, you'll see a progress report followed by a confirmation that the add-in was deployed. After you read the information, click Next.
On the Announce add-in page that appears, review the information, and then click Close.
Learn how to use the Report Message add-in
People who have the add-in assigned to them will see the following icons:
In Outlook, the icon looks like this:
In Outlook on the web, the icon looks like this:
When you notify users about the Report Message add-in, include a link to Use the Report Message add-in.
Review or edit settings for the Report Message add-in
In the Microsoft 365 admin center, go to the Services & add-ins page at https://admin.microsoft.com/AdminPortal/Home#/Settings/ServicesAndAddIns.
Find and select the Report Message add-in.
In the Edit Report Message flyout that appears, review and edit settings as appropriate for your organization. When you're finished, click Save.
View and review reported messages
To review messages that users report to Microsoft, you have these options:
Use the Admin Submissions portal. For more information, see View user submissions to Microsoft.
Create a mail flow rule (also known as a transport rule) to send copies of reported messages. For instructions, see Use mail flow rules to see what your users are reporting to Microsoft.