Forum Discussion

RobertS00's avatar
RobertS00
Copper Contributor
Feb 09, 2023
Solved

SPF exception in EOP

Can I configure something like SPF exception for particular incoming SMTP domains? I mean- if I receive emails from domains with not properly configured or without SPF records I don't want to have th...
exchange online
  • mderooij's avatar
    mderooij
    Feb 10, 2023
    TenantAllowBlockListSpoofItems are meant for cases when organizations sending you messages don't have their configuration in order. I prefer not using rules, as 1) over time people don't maintain these, 2) they tent to grow and nobody knows what these entries were for in few months. When submitting TABL (through submit false positives), you can also time-restrict the exception, as the sender needs to take action (and you are usually not the only recipient having to implement workarounds)
Mark_Albin's avatar
Mark_Albin
Brass Contributor
Feb 13, 2023

RobertS00 

 

Hi Robert,

 

Yes, it is possible to configure SPF exceptions for specific incoming SMTP domains in Microsoft Exchange Online Protection (EOP). To do this, you need to create a custom connection filter that bypasses SPF checks for emails coming from specific domains. Here's how to create a custom connection filter:

  1. Log in to the Microsoft 365 admin center.

  2. Go to the Security & Compliance Center.

  3. Go to Threat management > Policy > Connection filter.

  4. Click the Add button to create a new connection filter.

  5. Enter a name for the connection filter, and select the "Bypass SPF check" option.

  6. In the "Apply this connection filter to" section, select the domains for which you want to bypass the SPF check.

  7. Save the connection filter.

Once you have created the custom connection filter, EOP will bypass the SPF check for emails coming from the specified domains, and the emails will not be sent to the junk or quarantine folder.

Please note that bypassing the SPF check for specific domains can reduce the effectiveness of your spam and phishing protection, so it should only be used as a last resort if necessary. Additionally, make sure to regularly review and update your connection filters to ensure that they are effective in protecting your organization from unwanted email.

 

(external link removed by moderator)

  • douglascornu's avatar
    douglascornu
    Copper Contributor
    Jan 23, 2025

    Good morning,

    this topic really interesting and I would like to find a way to apply it. Do you know how to proceed with the new interface of security.microsoft.com? The steps that you provide are not longer avalaible.

Resources