Exchange Online
A Microsoft email and calendaring hosted service.
6,173 questions
Allowed Spoofing - DNS or Microsoft tools?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 90%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDB%3C/text%3E%3C/svg%3E)
Daniel Birrell
46
Reputation points
Hi,
Normally when dealing with allowed spoofing we would use DNS/DKIM/SPF records etc to allow an external org (mailer for example) to send on behalf of our org.
Microsoft offer allowed spoofing via Spoof Intelligence Insight and tenant allow block list
My questions is as follows
Between DNS config and Using Defender tools what is the difference and is one more secure then the other?
Exchange Online
Exchange | Exchange Server | Management
7,922 questions
Exchange | Other
694 questions
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYS%3C/text%3E%3C/svg%3E)
Yuki Sun-MSFT 41,376 Reputation points Moderator2023-02-08T07:33:23.5233333+00:00 Hi @Daniel Birrell ,
Just wondering what your main concern is. Are you looking for a better way to set up allowed spoofing for an external org to send mails out on behalf of your domain? Or you are interested in how to better protect users in your organization from spoofing?
Below are two potentially helpful document for reference:
-
Yuki Sun-MSFT 41,376 Reputation points Moderator
2023-02-13T07:17:28.1066667+00:00 Hi @Karthick Ravi,
Just checking in to see how things are going on with this thread. If you still have further concern on this, please feel free to post back.
Sign in to comment
Sign in to answer