I'm trying to improve our email filtering in Office 365, but I've hit a wall with the standard mail flow rules. I've set up a basic anti-impersonation filter to handle emails from our domain that come from outside the organization, but it's not working well with services like Salesforce or Mailchimp that send emails as us. I've had to resort to adding clunky exceptions based on subject lines and other
3 Answers
We’ve got DMARC set up to prevent a lot of impersonation issues effectively. However, I know that some phishing emails slip through, but our system is set up intentionally for that. Just keep in mind, filtering based on DMARC settings is tricky as the rules in Defender don’t quite support that.
It's a good idea to reach out to services like SendGrid or Mailchimp directly. They might provide you with specific exceptions to set up your Microsoft 365 rules better. While I do block certain emails based on their subject lines, I always hesitate to allow exceptions that way because they can be easily manipulated. Just don't rely solely on subject lines!
Unfortunately, if you're looking for more advanced impersonation protection features, Microsoft usually prefers you to upgrade to a paid license that includes those capabilities. They offer an 'allowed to impersonate' list as part of that, which could help with managing known senders like Salesforce.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures