Forum Discussion
Rely solely on DKIM, remove spf.protection.outlook.com from SPF record?
Question: Is there anyone that already has removed the spf.protection.outlook.com entry for their Office 365 hosted mail domain, and how has this impacted deliverability? Situation: In order...
Interesting question and my answer is to keep the spf.protection.outlook.com from SPF record.
1. SPF in hard fail
2. DKIM for all your custom domains
3. DMARC policy with strict alignment DKIM mode
Like this you increased your email securization outbounds flow to be delivered only if itself respect SPF *AND* DKIM at the same time.
Above all, not for agree with Exchange online but if your domain is spoofed from their platform you have more possibility in case of request to get the identity of the sender (as his account rely on a license what supposed to be registered with a credit card...).