Hey everyone,
I need some help blocking certain emails within my organization. Specifically, I want to stop any email from being delivered to any recipient if any of the recipients have a lookalike domain, like ammazon.com instead of amazon.com. We've had some issues with vendors getting hacked, and I've noticed these lookalike domains being used more frequently. It's concerning because they often include multiple people in the email chain, making it seem legit at first glance.
I've tried using a DLP policy, mail flow rules, and tenant allow/block lists, but while these can block emails going to the fake domain, they don't prevent emails from reaching other legitimate recipients. I'm also open to suggestions if this whole approach is flawed. Just a solo admin working in a Microsoft Business Premium environment, so any advice would be greatly appreciated.
Thanks!
1 Answer
Unfortunately, you can't control what external companies do with similar domains. The best you can do is block inbound emails for your users. There are services that can help monitor and fight against these kinds of domain registrations, but at the end of the day, you'll still need to educate your staff and partners about the risks.
I get that, but isn't it possible to manage inbound and outbound emails based on recipient domains within my organization? Would I need something beyond the Business Premium suite, like additional security services?