Anonymous commented
They NEED TO IMPLEMENT DMARC CORRECTLY FIRST! Once you get to a reject policy you will be blindsided that it doesn't even operate correctly and that MS will still allow spoofed phishing emails into your users' mailboxes!
Please upvote the core issue here https://office365.uservoice.com/users/883466164
Anonymous commented
Current behavior is that MS substitutes their own policy action of 'oreject', which actually doesn't quarantine; it is SUPPOSED to mark it as highest SCL=9 and send it to users' junk mail! I say 'SUPPOSED' because in my actual observance of its behavior in my own domain, I have seen it go straight to users' inboxes on many occasions! THIS INCLUDED MANY PHISHING EMAILS THAT SPOOFED MY INTERNAL DOMAIN ADDRESSES! It is such a gross willful violation of my company's data security it should be criminal! In fact, MS's implementation of their own DMARC protocols is ALL OVER THE MAP; it doesn't even operate according to what their own knowledge base indicates. I spent 6 months perfecting my DMARC from none, to quarantine, and finally reject, only to find out that now I have to set up my own series of correctly prioritized transport rules to operate as RFC 7489 and as a safety net to MS missed ****. If someone has the know-how to implement a properly configured DMARC policy, they shouldn't have it doubted by MS. And if someone is dumb enough to just throw up a random DMARC reject policy then they deserve the headache they produce and shouldn't be in the IT industry. MS needs to stop trying to coddle advanced features to appease people who have no business configuring such features.
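A check for the behaviour described in the comment above, added here as an example and not taken from the thread or from Microsoft: it reads the `Authentication-Results` and `X-Forefront-Antispam-Report` headers of a delivered message and flags mail that failed DMARC for your own domain without being stamped SCL 9. The domain `example.com`, the sample messages and the function name `triage` are constructed for illustration.

```python
import re
from email import message_from_string

OWN_DOMAINS = {"example.com"}  # assumption: the domains you publish p=reject for

DMARC_RE = re.compile(r"dmarc=(\w+)(?: action=(\w+))?(?: header\.from=([\w.-]+))?")
SCL_RE = re.compile(r"\bSCL:(-?\d+)")

def triage(raw):
    """Classify one raw message by DMARC result, override action and SCL."""
    msg = message_from_string(raw)
    # Headers may be folded over several lines; collapse whitespace first.
    ar = re.sub(r"\s+", " ", " ".join(msg.get_all("Authentication-Results", [])))
    m = DMARC_RE.search(ar)
    result, action, hfrom = m.groups() if m else (None, None, None)
    scl_m = SCL_RE.search(msg.get("X-Forefront-Antispam-Report", ""))
    scl = int(scl_m.group(1)) if scl_m else None
    spoof = result == "fail" and (hfrom or "").lower() in OWN_DOMAINS
    if not spoof:
        status = "ok"
    elif scl is not None and scl >= 9:
        status = "junked"   # scored as high-confidence spam, as the comment expects
    else:
        status = "missed"   # failed DMARC for our own domain, low or absent SCL
    return {"dmarc": result, "action": action, "from": hfrom,
            "scl": scl, "status": status}

def sample(dmarc, scl):
    """Build a constructed message (not real mail) with the given verdict."""
    return (
        "Authentication-Results: spf=fail (sender IP is 203.0.113.5)\n"
        " smtp.mailfrom=example.com; dkim=none (message not signed)\n"
        f" header.d=none; dmarc={dmarc} header.from=example.com;\n"
        f"X-Forefront-Antispam-Report: CIP:203.0.113.5;SCL:{scl};SFV:SPM;\n"
        "From: ceo@example.com\nSubject: constructed sample\n\nbody\n"
    )

SPOOF_IN_INBOX = sample("fail action=oreject", 1)
SPOOF_JUNKED = sample("fail action=oreject", 9)
LEGIT = sample("pass action=none", -1)

if __name__ == "__main__":
    for name, raw in [("inbox", SPOOF_IN_INBOX), ("junk", SPOOF_JUNKED), ("legit", LEGIT)]:
        print(name, triage(raw))
```

Run over an export of delivered mail, the `missed` results are the messages a transport rule of the kind the commenter mentions would have to catch.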