Microsoft Defender for Office 365: Enforce authentication to pass on AntiSpam allowed domains & senders for Spoof protection

Originally posted by Microsoft Aug 11, 2022 Uncategorized 0 Comments

Currently, EOP and MDO tenant administrators can specify domains and senders to be allowed using Anti-Spam policy. However, these domains and senders can be easily spoofed by attackers. We are making changes to improve the security of sender and domain allows defined in the Antispam policy and within user allow lists so that they require the domain or sender to pass authentication in order for the allow to be honored. The change only impacts messages that are considered to be internal, that is, the sender or domain is defined as an accepted domain in your organization. All other messages are handled as they are today.

Product Microsoft Defender for Office 365
Release phase General Availability
Release date September CY2022
Platform Web
Cloud Instance GCC, DoD, Worldwide (Standard Multi-Tenant), GCC High
Created 2022-08-10
Roadmap ID 93436
Roadmap Link https://www.microsoft.com/microsoft-365/roadmap?featureid=93436

No comments yet

Leave a Reply

Joao Ferreira

I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: