Clicky

Microsoft Technical Bulletins

The latest updates for all the Microsoft Products you use every day.

Microsoft Exchange Curtain Reveal Tech Bulletin Header

Written by Richard Quatier

My goal is to help your business by integrating processes that automate mundane tasks and simplify complex ones without breaking budgets.

Categories: Exchange Online

August 24, 2022

Blog Home

Microsoft Defender for Office 365:Enforce Authentication to Pass on AntiSpam Allowed Domains

Exchange Online, SharePoint Development Services

From Microsoft Corporation
Technical Bulletin MC415186 · Published Aug 18, 2022

Message Summary

We are strengthening Spoofing protection within Exchange online protection and Microsoft Defender for Office 365 Anti-Spam security policy. It will provide a way to secure your organization against spoofing attacks that may otherwise occur by allowing certain domains and senders.

Applies to:

This message is associated with Microsoft 365 Roadmap ID 93436

When this will happen:

Standard: Rollout will begin in late September and will be completed by late November.

GCC/GCC-H/DoD: Rollout will begin in late November and be completed by late December.

How this will affect your organization:

Security Admins and SecOps teams today can specify allowed domains and allowed senders within the Anti-Spam policy. We recommend never adding your own accepted domains or commonly trusted domains to the allowed domains list. Moving forward, when you specify internal tenant owned/accepted domains and senders to this list, DMARC authentication check will be enforced on these domains or senders and they will be allowed by the system only if authentication passes on these domains/senders. Otherwise, despite being specified, allowing messaging from these domains will not be honored.

In this way, our system will work to protect your organization against Spoofing attacks. In case you want to allow legitimate ‘Spoofing’ from these domains and senders, you will be able to continue adding them to Tenant allow block list – Spoofing (as you can do so today).

Note: This will impact any messages that are received from outside your organization, where the sender’s domain is part of your organization accepted domain list and fails authentication.

What you need to do to prepare:

To prepare for this change it is recommended that you review the spoof intelligence report and ensure that any intra-org messages where the sender/sending domain is part of your accepted domain pass authentication as expected. Note you do not need to update items where authentication fails and that failure is expected. Review your existing Anti-Spam policies within threat policies and consider updating the list of Allowed domains / Allowed senders to allow whom you trust. We recommend updating your necessary training documents accordingly.

Learn More:

Additional information

TECHNICAL BULLETIN END

QuixTec provides this and other technical bulletins unaltered from Microsoft. As an authorized Microsoft Partner, we ensure that all our solutions we deliver to you include the latest Microsoft updates.

ABOUT US: QuixTec, LLC is a U.S. certified Veteran Owned, modern DevOps organization with experience in a plethora of IT Software Languages.  As a Microsoft Partner, we specialize in Discounted Microsoft Software Licensing, Microsoft SharePoint, Microsoft365 and HTML5 technologies for small to enterprise-sized organizations. Our dedication to IT excellence is evidenced through our PECB ISO Certification training center. The only PECB ISO authorized center in Washington State. QuixTec, implements and provides training for upcoming open-source digital marketing services that are taking the industry by storm. This solution, used by over 100,000 businesses, provides enterprise level marketing capabilities at startup rates. The founder, Richard, has 30 years of experience working with several notable companies that include World Vision, Expedia, Microsoft, Levi Strauss, NASA, Boeing Aerospace, Los Alamos National Laboratory, and the U.S. Air Force, to name a few.  QuixTec is in the Seattle area. Phone today for a free consultation and project estimate.

(425) 367-9025

LEARN MORE

SharePoint Development ServicesSharePoint Development - Custom Software Development - Microsoft 365 Experts - Microsoft 365 - IT Staffing Services - IT Staffing - WordPress Development Services - Form Email Validation - Microsoft Licensing - Mautic Open Source MarketingBest IT Staffing AgenciesIT Staffing Company  - PECB ISO Training and Certification

You May Also Like…

Scheduler for Microsoft 365 retirement

Scheduler for Microsoft 365 retirement

Exchange Online, SharePoint Development Services From Microsoft CorporationTechnical Bulletin MC424413 · Published Sep 1, 2022 Message Summary We will be retiring Scheduler for Microsoft 365 on September 1, 2023. We may bundle some of...