By default, SPF-failed emails will still get delivered in Microsoft 365. To its credit, they do most likely end up in the Junks folder. I understand the reason behind it because even in 2023, there are still many mail servers that aren’t configured correctly. But the fact that an SPF-failed email passes through still bothers me. To stop it, you […]
After getting a lot of phishing emails with suspicious HTML attachments, I was scared and decided to pull the trigger to get them blocked on the server level so no one will see them in their Outlook inbox. Sign into Microsoft 365 Portal and go to Exchange Admin Center. Click Mail Flow on the left-side pane, and click the little […]
SPF, DKIM, and DMARC are different methods to authenticate your email to serve one dedicated purpose, detecting forged sender addresses in emails used in phishing or spam. SPF, Sender Policy Framework, allows the receiver to check that an email claiming from a specific domain comes from an IP address authorized by that domain’s admin. A typical SPF record is a […]