Mail flow insights (wave 2) will soon be available in O365 Security & Compliance Center


As you might have previously read, we released the first wave of mail flow insights last year (here is the original announcement).

Admins can use the mail flow dashboard in the Office 365 Security & Compliance Center to discover trends, insights, and take actions to fix issues related to mail flow in their Office 365 organization.

We're excited to announce that second wave of mail flow insights will soon be available in the Office 365 Security & Compliance Center. The new insights will be rolled out to customers who have opted in to Targeted Release, and will start to show up in the admin's mail flow dashboard at the beginning of April 2019.

We'll continue to create and refine mail flow insights to help improve productivity for admins, and we'll announce them as they become available.

You can see the details in this doc, but a quick summary is listed below.

Where to find mail flow insights?

  • If you are a global admin or an Exchange administrator, you can go to the Office 365 Security & Compliance Center at https://protection.office.com.
  • Expand Mail flow in the left hand nav, select Dashboard, you will see all insights on the right panel.

v2mailinsight1

As the doc we linked to earlier details, we're creating six new insights, reports and widgets available. Here are just a few examples of what you'll find in the mail flow insights dashboard.

Mail Flow Map

This report provides a visual map showing how mail flows through your Office 365 organization. You can use this information to learn patterns, identify anomalies, and fix issues as they arise.

v2mailinsight2

v2mailinsight3

Domain mail flow status

The Top domain mail flow status report gives you the current mail flow status for your organization's domains. This insight helps you identify and troubleshoot domains that are experiencing mail flow impacting issues (such as not receiving external email), domain expirations or domains with incorrect MX records.

v2mailinsight4

SMTP Auth client status

This report allows you to detect potentially compromised accounts due to the use of legacy (less secure) protocols. Clicking the widget will allow admins to see details of accounts that are still using the SMTP Basic Auth protocol, and will allow them to investigate potentially compromised accounts.

v2mailinsight5

v2mailinsight6

We really do encourage you to take advantage of mail flow insights in the Office 365 Security & Compliance Center and we hope you appreciate these additions. We will continue to improve the current insights as well as add new insights, and we're looking forward for your feedback!

Note that you can click the Feedback button at the bottom of the page to give feedback directly from the Security & Compliance Center:

Carolyn Liu

Comments (4)

  1. obx_bum says:

    Any idea when the problem of the client SMTP header logging mentioned on the EHELO blog
    https://blogs.technet.microsoft.com/exchange/2018/04/02/exchange-server-tls-guidance-part-2-enabling-tls-1-2-and-identifying-clients-not-using-it/

    will be corrected? iPhone native mail client may be improperly identified as using < TLS 1.2 when it actually is.

    1. Nino Bilic says:

      Do you have more information on this? Was there a ticket opened or ? I searched that page for ‘iphone’ and nothing…

      1. obx_bum says:

        It’s in the Notes section about half way down the page about SMTP authentication. It does not specifically mention iPhone. My question is raised because I do not know how the iPhone Native Mail app is authenticating to Exchange.
        If the SMTP logging is not accurate I do not know how to chase down the offending clients that are listed as using TLS 1 or 1.1 when they may actually be using 1.2 from the beginning.

  2. Bhoopat says:

    Really a good addition in O365. 👌👍

Skip to main content