Enable the Report Message add-in

Overview

The Report Message add-in for Outlook and Outlook on the Web enables people to easily report misclassified email, whether safe or malicious, to Microsoft and its affiliates for analysis. Microsoft uses these submissions to improve the effectiveness of email protection technologies. In addition, if your organization is using Office 365 Advanced Threat Protection or Office 365 Threat Intelligence, the Report Message add-in provides your organization's security team with useful information they can use to review and update security policies.

For example, suppose that people are reporting a lot of messages as phishing. This information surfaces in the Security Dashboard and other reports. Your organization's security team can use this information as an indication that anti-phishing policies might need to be updated. Or, if people are reporting a lot of messages that were flagged as junk mail as Not Junk by using the Report Message add-in, your organization's security team might need to adjust anti-spam policies.

The Report Message add-in works with your Office 365 subscription and the following products:

  • Outlook on the Web
  • Outlook 2013 SP1
  • Outlook 2016
  • Outlook 2016 for Mac
  • Outlook included with Office 365 ProPlus

If you're an individual user, you can enable the Report Message add-in for yourself.

If you're an Office 365 global administrator or an Exchange Online administrator, and Exchange is configured to use OAuth authentication, you can enable the Report Message add-in for your organization. The Report Message Add-In is now available through Centralized Deployment.

Get the Report Message add-in for yourself

  1. In Microsoft AppSource, search for the Report Message add-in.

  2. Choose GET IT NOW.
    Report Message - Get It Now

  3. Review the terms of use and privacy policy. Then choose Continue.

  4. Sign in to your Office 365 email using your work or school account (for business use) or your Microsoft account (for personal use).

After the add-in is installed and enabled, you'll see the following icons:

  • In Outlook the icon looks like this:
    Report Message Add-in icon for Outlook
  • In Outlook Web App the icon looks like this:
    Outlook on the Web Report Message Add-in icon

As a next step, learn how to Use the Report Message add-in.

Get and enable the Report Message add-in for your organization

Important

You must be an Office 365 global administrator or an Exchange Online Administrator to complete this task. In addition, Exchange must be configured to use OAuth authentication To learn more, see Exchange requirements (Centralized Deployment of add-ins).

  1. Go to the Services & add-ins page in the new Microsoft 365 admin center.
    Services and Add-Ins page in the new Microsoft 365 Admin Center

  2. Choose + Deploy Add-in.
    Choose Deploy Add-In

  3. In the New Add-In screen, review the information, and then choose Next.
    New Add-In details

  4. Select I want to add an Add-In from the Office Store, and then choose Next.
    I want to add an new Add-In

  5. Search for Report Message, and in the list of results, next to the Report Message Add-In, choose Add.
    Search for Report Message and then choose Add

  6. On the Report Message screen, review the information, and then choose Next.
    Report Message details

  7. Specify the user default settings for Outlook, and then choose Next.
    Report Message default settings for Outlook

  8. Specify who gets the Report Message Add-in, and then choose Save.
    Who gets the Report Message add-in

Depending on what you selected using the wizard, people in your organization will have the Report Message add-in available. People in your organization will see the following icons:

  • In Outlook the icon looks like this:
    Report Message Add-in icon for Outlook
  • In Outlook Web App the icon looks like this:
    Outlook on the Web Report Message Add-in icon

Set up a rule to get a copy of email messages reported by your users

Important

You must be an Exchange Online Administrator to perform this task.

You can set up a rule to get a copy of email messages reported by users in your organization. You do this after you have downloaded and enabled the Report Message add-in for your organization.

  1. In the Exchange Admin Center, choose mail flow > rules.

  2. Choose + > Create a new rule.

  3. In the Name box, type a name, such as Submissions.

  4. In the Apply this rule if list, choose The recipient address includes....

  5. In the specify words or phrases screen, add junk@office365.microsoft.com and phish@office365.microsoft.com, and then choose OK.
    Specify the junk and phish email addresses for the rule

  6. In the Do the following... list, choose Bcc the message to....

  7. Add a global administrator, security administrator, and/or security reader who should receive a copy of each email message that people report to Microsoft, and then choose OK.
    Add a global or security administrator to receive a copy of each reported message

  8. Select Audit this rule with severity level, and choose Medium.

  9. Under Choose a mode for this rule, choose Enforce.
    Set up a rule to get a copy of each reported message

  10. Choose Save.

With this rule in place, whenever someone in your organization reports an email message using the Report Message add-in, your global administrator, security administrator, and/or security reader will receive a copy of that message. This information can enable you to set up or adjust policies, such as Office 365 ATP Safe Links policies.

Review or edit settings for the Report Message add-in

You can review and edit the default settings for the Report Message Add-In in the Services & Add-Ins page.

Important

You must be an Office 365 global administrator or an Exchange Online Administrator to complete this task.

  1. Go to the Services & add-ins page in the new Microsoft 365 admin center.
    Services and Add-Ins page in the new Microsoft 365 Admin Center

  2. Find and select the Report Message Add-In.
    Find and select the Report Message add-in

  3. On the Report Message screen, review and edit settings as appropriate for your organization.
    Settings for the Report Message add-in

Learn how to use the Report Message add-in

See Use the Report Message add-in.

Use the Report Message add-in

View email security reports in the Security & Compliance Center

View reports for Office 365 Advanced Threat Protection

Use Explorer in the Security & Compliance Center