Merge pull request #4571 from MicrosoftDocs/main

m365-skilling-repo-management[bot] · web-flow · commit 83ab3c31e6e7 · 2025-07-24T20:35:16.000Z
[AutoPublish] main to live - 07/24 13:32 PDT | 07/25 02:02 IST
diff --git a/defender-office-365/email-authentication-spf-configure.md b/defender-office-365/email-authentication-spf-configure.md
@@ -5,7 +5,7 @@ f1.keywords:
 ms.author: chrisda
 author: chrisda
 manager: deniseb
-ms.date: 04/15/2025
+ms.date: 07/24/2025
 audience: ITPro
 ms.topic: how-to
 
@@ -111,10 +111,10 @@ v=spf1 ip4:192.168.0.10 ip4:192.168.0.12 include:spf.protection.outlook.com -all
 
   - `~all` (soft fail): Sources not specified in the SPF TXT record _probably_ aren't authorized to send mail for the domain, so the messages should be accepted but marked. What actually happens to the message depends on the destination email system. For example, the message might be quarantined as spam, delivered to the Junk Email folder, or delivered to the Inbox with an identifier added to the Subject or message body.
 
-     Because we also recommend DKIM and DMARC for Microsoft 365 domains, the differences between `-all` (hard fail) and `~all` (soft fail) are effectively eliminated (DMARC treats either result as an SPF failure). DMARC uses SPF to confirm the domains in the MAIL FROM and From addresses align _and_ the message came from a valid source for the From domain.
+     > [!NOTE]
+     > DMARC treats `-all` (hard fail) and `~all` (soft fail) as SPF failures. But the DMARC policy is effectively ignored for SPF `~all` failures if the messages don't also contain DKIM signatures. We recommend `-all` so DMARC can act on messages that fail SPF if the messages also lack DKIM signatures.
 
-  > [!TIP]
-  > `?all` (neutral) is also available to suggest no specific action on messages from unidentified sources. This value is used for testing, and we don't recommend this value in production environments.
+  - `?all` (neutral): Suggests no specific action on messages from unidentified sources. This value is used for testing, and we don't recommend this value in production environments.
 
 Important points to remember:
 
diff --git a/defender-office-365/submissions-outlook-report-messages.md b/defender-office-365/submissions-outlook-report-messages.md
@@ -14,7 +14,7 @@ ms.collection:
 description: Learn how to report phishing and suspicious emails in supported versions of Outlook using the built-in Report button.
 ms.service: defender-office-365
 search.appverid: met150
-ms.date: 02/24/2025
+ms.date: 07/24/2025
 appliesto:
   - ✅ <a href="https://learn.microsoft.com/defender-office-365/eop-about" target="_blank">Exchange Online Protection</a>
   - ✅ <a href="https://learn.microsoft.com/defender-office-365/mdo-about#defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 Plan 1 and Plan 2</a>
@@ -62,6 +62,9 @@ Admins configure user reported messages to go to a specified reporting mailbox,
   - Shared mailboxes require Send As or Send On Behalf permission for the user.
   - Other mailboxes require Send As or Send On Behalf permission _and_ Read and Manage permissions for the delegate.
 
+  > [!NOTE]
+  > If the previously described permissions aren't granted, reported messages aren't shown on the [User reported](submissions-admin.md#view-user-reported-messages-to-microsoft) tab. Reported messages are still quarantined to protect the mailbox from phishing attacks.
+
 ### Use the built-in Report button in Outlook to report junk and phishing messages
 
 - Users can report a message as junk from the Inbox or any email folder other than Junk Email folder.
