The New Exchange Online Protection You’ll Want to Know About

Before I even knew of the term of phishing, I would see fake emails that kind of looked real, until you looked at the URL. The body of the email would say that they were from Yahoo, but for instance, the URL of the email address would look like: Suppot@yahoodl43.co, clearly not from Yahoo. Now that I know about Phishing attacks, I’ve seen more advanced emails that actually look like it’s coming from a real email from organizations I communicate with. Attacks are getting more advanced so it’s important to have an email service that will stay up to date with the current technology that will protect from security attacks.

So it’s great that Microsoft is updating Exchange Online Protection and how Office 365 validates the From: address to prevent phishing.

Microsoft will begin rolling this feature out starting November 9, 2017.

Office 365 currently accepts messages that are sent with invalid From: addresses, that is, messages that are not in compliance with RFC 5322. These messages undergo spam filtering where they may or may not be marked as spam. Moving forward, these messages will always be marked as spam.

Microsoft’s new Exchange Online Protection feature will roll out to all customers on November 9, 2017, and the rollout will be completed within a week.

What will you need, to prepare for this change?
Most users will not have to do anything. However, if you receive some valid email from a legacy email infrastructure, you can create administrator overrides to prevent these messages from being marked as spam. This has administrative controls to enable and disable. This feature is on by default.

If you’re interested in learning more, check out this article.