I'm puzzled about a situation where emails sent from my address to my address don't get filtered into my junk folder or blocked entirely. I suspect it's some kind of spoofing happening, as I'm not the one actually sending them. I've included part of the email header for reference, which shows a failed DMARC check and SPF failures. Can anyone shed light on why this is happening?
6 Answers
What’s your goal with this issue? Are you looking to stop these spoofed emails entirely, or just filter them better?
It sounds like you're dealing with direct delivery abuse. This happens when emails are spoofed to look like they're from you, making them bypass normal filtering. You might want to check out Microsoft's tech community for more insights on managing direct sends effectively. It’s a pretty tedious issue!
Gotcha, I'll look into that link. Thanks for the tip!
Yup, another update from Microsoft just when we thought we had it sorted out... typical!
I used to think that just filtering out emails without our headers was enough! Turns out, that's just the tip of the iceberg. You'd be surprised how complex these issues get.
Have you set up DMARC with p=reject or p=quarantine? If not, I'd strongly recommend getting that in place. It's crucial for preventing these types of spoofed emails from slipping through.
We weren't rejecting before, but based on your advice, we are now. Appreciate it!
Seems like we're in a situation where companies like Microsoft and Google are controlling a lot of what goes through their systems, which is pretty far from the original open nature of the Internet.
I dealt with something similar recently. It's interesting how Microsoft 365 flags self-sent emails as suspicious if they match certain phishing patterns. Even with SPF, DKIM, and DMARC set up correctly, their tight security often overrides settings if it suspects phishing. If you’re still experiencing issues, using forensic reports could help trace the problem.
The plan is to reject or quarantine those emails to enhance security.