I'm currently trying to tackle some serious direct send attacks we've been facing recently. We're in the process of switching from Proofpoint to just using Exchange Online Protection (EPO) with our main MX record pointing directly at the Microsoft O365 smart address.
Here's where my confusion lies: after we move our MX to the Microsoft O365 address, will we still need to have direct send enabled? And if I decide to disable direct send, will I still be able to receive emails directly into EPO without needing a third-party service?
4 Answers
If you disable direct send, you'll need an inbound connector for Proofpoint, which you should already have set up. Disabling direct send means that any emails coming in without a valid connector will just get rejected.
You might want to consider getting SMTP2GO for about $150 a year. It simplifies the process, allowing non-users to send emails with ease!
We've noticed a major spike in phishing attempts targeting our EOP recently. The EOP wasn't blocking as effectively as we’d hoped, so we redirected emails to Proofpoint, and it has been catching a lot of the threats that EOP missed. If you do move to EPO, ensure your spam and phishing protections are set up correctly. EOP can handle emails from internal systems, but I would advise against fully opening it up.
I've dealt with similar issues. We noticed that when we disabled direct send, a few automated emails from internal addresses stopped working. For now, I’ve found it best to send direct send messages to quarantine instead of disabling it entirely. Might be a good interim solution for you!
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures