We've seen an uptick in messages that have failed the auth checks and still get through. I would open a ticket with 365 support.
What about those transport rules? Did they allow the message? worth checking...:)
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi,
Our organization has one distribution group containing only one member - a mail user that has an external email address. No users has been granted Send as or Send on behalf permissions.
Few days ago a member from this group received a spoofed spam email message that has been sent on behalf of the group. It looks like this email message has been sent through Microsoft 365. Now we're wondering why Microsoft hasn't blocked this email message?
Here is a report from external member email system.
Our organization has already configured DKIM and DMARC and it has always worked fine for us. But this case is a little weird. Has anyone experienced something similar?
Thanks!
We've seen an uptick in messages that have failed the auth checks and still get through. I would open a ticket with 365 support.
What about those transport rules? Did they allow the message? worth checking...:)