If you use Classic Outlook and your organization has started rolling out the New Outlook for Windows, you may notice the built-in buttons for reporting junk and phishing emails behave differently. The New Outlook uses a unified reporting system that sends messages directly to Microsoft for analysis, while Classic Outlook relies on add-ins or server-side rules. This article explains how the reporting mechanism works in both versions, how Classic Outlook users are affected when their tenant enables the New Outlook toggle, and what you must do to keep reporting correctly after the transition.
The core change is that the New Outlook replaces legacy add-ins like the Microsoft Report Message or Report Phishing with a native button that submits directly to Microsoft 365. Classic Outlook users who have not yet switched can still use their existing add-ins or the built-in Junk Email feature, but those tools may stop working once the tenant fully migrates. Understanding this difference helps you avoid losing reporting functionality and ensures your organization’s security team still receives phishing samples.
This article covers the architecture of the New Outlook reporting system, step-by-step instructions for Classic Outlook users to prepare for the switch, and common pitfalls when transitioning between the two clients.
Key Takeaways: How Reporting Phishing and Junk Changes in New Outlook
- New Outlook native Report button: Sends messages directly to Microsoft for analysis and automatically removes them from your inbox.
- Classic Outlook Junk Email button: Moves messages to the Junk Email folder but does not submit them to Microsoft or your security team by default.
- Add-in replacement: The New Outlook disables third-party add-ins for reporting; you must use the built-in button or configure a custom submission mailbox.
Why the New Outlook Changes How You Report Junk and Phishing
In Classic Outlook, the Junk Email feature is a client-side filter that moves suspected spam to the Junk Email folder. It does not send a copy of the message to Microsoft or to your organization’s security team. To report phishing, organizations typically deploy the Microsoft Report Message or Report Phishing add-in, or a third-party add-in from a security vendor. These add-ins submit the email to a designated mailbox or to Microsoft 365 for analysis.
The New Outlook for Windows replaces this fragmented system with a single built-in Report button located in the ribbon. When you click Report and choose Junk or Phishing, the New Outlook performs three actions simultaneously:
- Submits the email to Microsoft for analysis, which helps improve the global spam and phishing filters.
- Moves the message to the Deleted Items folder or Junk Email folder depending on your selection.
- If your organization has configured a custom submission mailbox, the New Outlook can also send a copy there using a policy setting.
The key technical difference is that the New Outlook reporting is part of the client itself, not an add-in. This means add-ins that previously handled reporting are no longer loaded or visible. If your organization has not migrated to the New Outlook, the Classic Outlook add-ins remain active. Once the tenant enables the New Outlook toggle for a user, the add-ins are automatically removed from that user’s session.
What Happens to Existing Add-Ins
When a user switches to the New Outlook, the client does not load any COM add-ins. The Microsoft Report Message add-in and any third-party reporting add-ins are COM-based, so they disappear from the ribbon. The New Outlook’s native Report button replaces them. If your organization relies on a third-party security vendor for phishing analysis, the New Outlook can still forward a copy of the reported message to that vendor’s mailbox using a transport rule or a custom submission setting in the Microsoft 365 admin center.
Steps for Classic Outlook Users to Prepare for the New Outlook Reporting System
- Check whether your organization has enabled the New Outlook toggle
Open Classic Outlook and look at the top-right corner of the window. If you see a toggle switch labeled “Try the new Outlook,” your tenant is enabled for the transition. Clicking it switches you to the New Outlook and removes your add-ins. - Verify your current reporting add-in
Go to File > Options > Add-ins. Under Active Application Add-ins, look for “Microsoft Report Message” or “Report Phishing.” If you see a third-party add-in, note its name. This add-in will not work in the New Outlook. - Test the New Outlook in a sandbox environment
Before switching your primary mailbox, create a test profile or use a secondary account. Switch to the New Outlook and confirm the Report button appears in the Home tab. Click Report and select Junk or Phishing to verify the message is removed from your inbox. - Configure custom submission if required
If your security team needs a copy of reported messages, ask your IT admin to set up a submission mailbox. In the Microsoft 365 admin center, go to Support > Report Junk and Phishing. Enable “Send reported messages to Microsoft” and optionally add a custom mailbox address. This setting applies to both New Outlook and Outlook on the web. - Train users on the new button location
In the New Outlook, the Report button is in the Home tab, next to the Delete and Archive buttons. Users should click Report, then choose Junk or Phishing. There is no separate button for each type in the ribbon by default. - Remove old add-ins after the switch
Once you switch to the New Outlook, the old add-ins are no longer loaded. You can safely uninstall them from Windows Settings > Apps > Installed Apps to avoid confusion.
If You Still Need to Report in Classic Outlook After the Transition
Classic Outlook Junk button does not submit to Microsoft
The built-in Junk button in Classic Outlook only moves the message to the Junk Email folder. It does not send a copy to Microsoft or your security team. To report phishing in Classic Outlook after the New Outlook has been enabled for your tenant, you must use the Microsoft Report Message add-in if it is still installed. If the add-in is removed, switch to the New Outlook to access the native Report button.
Report Phishing add-in is missing after switching back to Classic Outlook
If you switch back to Classic Outlook after trying the New Outlook, the add-in may be disabled. Go to File > Options > Add-ins, select COM Add-ins from the Manage dropdown, and click Go. Check the box for Microsoft Report Message. If it is not listed, reinstall it from the Microsoft 365 admin center under Integrated apps.
New Outlook Report button does not appear
The Report button is part of the New Outlook client and cannot be removed. If it does not appear, you may be running an outdated version. Close Outlook and restart it. If the button is still missing, run Office updates by going to File > Office Account > Update Options > Update Now.
| Item | Classic Outlook | New Outlook |
|---|---|---|
| Reporting method | Add-in or Junk Email folder | Built-in Report button in ribbon |
| Submission to Microsoft | Only via add-in | Automatic with each report |
| Custom submission mailbox | Requires add-in configuration | Configured in admin center |
| Add-in compatibility | COM add-ins supported | COM add-ins not loaded |
| Message removal after report | Moves to Junk or Deleted depending on add-in | Moves to Deleted Items for phishing, Junk for spam |
Now you can confidently manage junk and phishing reports in both Outlook versions. If your organization is migrating to the New Outlook, test the native Report button with a sample phishing email before switching your primary mailbox. For advanced protection, ask your IT admin to enable the “User reported settings” in the Microsoft 365 Defender portal to route copies of reported messages to your security team.