I'm using Exchange Online for our email system along with Mimecast for additional protection. Recently, I noticed that two internal emails sent by our CEO were flagged by our anti-spoofing policy in Mimecast. Surprisingly, Mimecast support informed me that these emails were handled as external messages. Both emails came from the same device and IP address, and all other internal emails are functioning normally. I'm looking for advice on how to investigate why these two emails weren't processed by the Exchange server as they should have been.
2 Answers
Have you looked into your transport rules? It's possible there's something in there affecting these emails. If necessary, you might have to tweak the anti-spoofing policy in Mimecast as a workaround. Whitelisting might seem like a quick fix, but it's not ideal since this is an important internal email.
To figure this out, you might want to check if you have a connector set up for Mimecast and review your mail flow rules. The Exchange logs can show you which connector was used. It's generally straightforward; emails should only go where you've configured them to go.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures