SnapOverflow

SnapOverflow Logo SnapOverflow Logo

SnapOverflow Navigation

  • Home
  • Server
  • Ubuntu

Mobile menu

Close
  • Home
  • System Administrators
    • Hot Questions
    • New Questions
    • Tags
  • Ubuntu
    • Hot Questions
    • New Questions
    • Tags
  • Help
Home / server / Questions / 1077087
Accepted
Norphus
Norphus
Asked: 2021-09-10 04:39:09 +0800 CST2021-09-10 04:39:09 +0800 CST 2021-09-10 04:39:09 +0800 CST

Exchange Online - Reporting on blocked users

  • 772

There is a feature in Exchange Online which blocks users from being able to send email when they send too many emails in a time period. It usually triggers either when a user sends a load of emails via Mail Merge or when their account gets compromised and it's used to send a load of spam.

You can view which accounts have been blocked from sending either by going to the Restricted Users page in the Defender Security Portal or by running the Get-BlockedSenderAddress cmdlet in the Exchange Online EXO PowerShell Module.

The trouble is, these only show the users who are currently blocked. I have been asked by my employer to produce a report on who has been blocked in the last n days. I've looked at the reports in the Defender portal and there isn't one that does exactly that. I'm wondering if this kind of data is kept and if so, how I can extract it?

Thanks in advanced for any help.

exchange reporting microsoft-office-365 windows-defender
  • 1 1 Answers
  • 228 Views

1 Answers

  • Voted
  1. Best Answer
    Louisl
    2021-09-10T18:08:09+08:002021-09-10T18:08:09+08:00

    Check it in Report > Email & collaboration > Compromised users. You can see the compromised(Suspicious or Restricted) users report in the last 90 days. URL: https://security.microsoft.com/reports/CompromisedUsers

    For more information about this: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-worldwide#compromised-users-report

    • 0

Sidebar

Stats

  • Questions 681965
  • Answers 980273
  • Best Answers 280204
  • Users 287326
  • Popular
  • Answers
  • Marko Smith

    Can you pass user/pass for HTTP Basic Authentication in URL parameters?

    • 5 Answers
  • Marko Smith

    Ping a Specific Port

    • 18 Answers
  • Marko Smith

    Check if port is open or closed on a Linux server?

    • 7 Answers
  • Marko Smith

    How to automate SSH login with password?

    • 10 Answers
  • Marko Smith

    How do I tell Git for Windows where to find my private RSA key?

    • 30 Answers
  • Marko Smith

    What's the default superuser username/password for postgres after a new install?

    • 5 Answers
  • Marko Smith

    What port does SFTP use?

    • 6 Answers
  • Marko Smith

    Command line to list users in a Windows Active Directory group?

    • 9 Answers
  • Marko Smith

    What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

    • 3 Answers
  • Marko Smith

    How to determine if a bash variable is empty?

    • 15 Answers
  • Martin Hope
    Davie Ping a Specific Port 2009-10-09 01:57:50 +0800 CST
  • Martin Hope
    Smudge Our security auditor is an idiot. How do I give him the information he wants? 2011-07-23 14:44:34 +0800 CST
  • Martin Hope
    kernel Can scp copy directories recursively? 2011-04-29 20:24:45 +0800 CST
  • Martin Hope
    Robert ssh returns "Bad owner or permissions on ~/.ssh/config" 2011-03-30 10:15:48 +0800 CST
  • Martin Hope
    Eonil How to automate SSH login with password? 2011-03-02 03:07:12 +0800 CST
  • Martin Hope
    gunwin How do I deal with a compromised server? 2011-01-03 13:31:27 +0800 CST
  • Martin Hope
    Tom Feiner How can I sort du -h output by size 2009-02-26 05:42:42 +0800 CST
  • Martin Hope
    Noah Goodrich What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats? 2009-05-19 18:24:42 +0800 CST
  • Martin Hope
    Brent How to determine if a bash variable is empty? 2009-05-13 09:54:48 +0800 CST
  • Martin Hope
    cletus How do you find what process is holding a file open in Windows? 2009-05-01 16:47:16 +0800 CST

Related Questions

Trending Tags

linux nginx windows networking ubuntu domain-name-system amazon-web-services active-directory apache-2.4 ssh

Explore

  • Home
  • Questions
    • Hot Questions
    • New Questions
  • Tags
  • Help

Footer

SnapOverflow

About Us

  • About Us
  • Contact Us

Legal Stuff

  • Privacy Policy

Help

© 2022 SOF-TR. All Rights Reserve