Permissions Gap: "Send" as draft
We have a service application that generates and sends email within an organization on behalf of users.
It has Mail.Send. It does NOT have Mail.ReadWrite on purpose. This allows us to send email and save a copy into their sent folder, but does not allow us to arbitrarily read the user's email (and other potentially problematic/dangerous access). This is inline with the principle of least privilege.
We want to give the users the option of reviewing the generated email from within Outlook and sending it only after review. Outlook already supports this via Drafts.
Unfortunately you only have two permission levels: Mail.Send (inc. save to Sent) or Mail.ReadWrite (inc. save to Drafts).
Mail.ReadWrite is substantially too powerful for simply blindly saving an email to the Drafts folder, and I don't understand how it is substantially different from saving to their Sent Folder vis-a-vis Mail.Send.
I'm asking for no additional functionality at all. I'm asking for you to consider the concept of "Send as Draft" (i.e. save a draft but DON'T send) as being part of the Mail.Send permission. It still should have no ability to read or alter the Draft/Draft folder (i.e. blindly write, just like save to Sent today).