Forum Discussion

Kavya
Copper Contributor
Jul 19, 2025

Disable Direct Send in Exchange Online to Mitigate Ongoing Phishing Threats

Direct Send allows devices and applications to send unauthenticated emails over port 25 directly to Exchange Online. While this may support legacy devices like printers or scanners, it also opens the door for threat actors to deliver spoofed emails without authentication. These messages often appear to come from trusted internal sources, making them especially dangerous.

To reduce your organization’s exposure to this threat, it's strongly recommended to disable Direct Send using Microsoft’s newly introduced RejectDirectSend setting.

You can quickly enable this setting using PowerShell:

Connect-ExchangeOnline
Set-OrganizationConfig -RejectDirectSend $true

If you still have devices or applications that need to send emails, use authenticated SMTP submission or set up connector-based routing with certificate or IP restrictions.
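The steps in the post above, run in order as one PowerShell session. This is an added example, not part of the original post: it records the current setting, creates an IP-restricted inbound connector for a device that still has to relay, then turns on RejectDirectSend and reads both back. The connector name, the IP address, the commented-out certificate name and the choice of the OnPremises connector type are assumptions to replace with your own values.

```powershell
# Added example. Values marked "placeholder" are constructed, not from the post.
$ConnectorName = 'Relay-From-Office-Devices'   # hypothetical connector name
$DeviceIPs     = @('203.0.113.10')             # placeholder: public egress IP of the printer/scanner

Connect-ExchangeOnline

# 1. Record the current state so the change can be reverted if a sender breaks.
$before = (Get-OrganizationConfig).RejectDirectSend
Write-Host "RejectDirectSend before change: $before"

# 2. Give remaining devices an attributed path before blocking the anonymous one.
#    ConnectorType OnPremises is an assumption for devices on your own network.
$existing = Get-InboundConnector | Where-Object { $_.Name -eq $ConnectorName }
if (-not $existing) {
    New-InboundConnector -Name $ConnectorName `
        -ConnectorType OnPremises `
        -SenderDomains '*' `
        -SenderIPAddresses $DeviceIPs `
        -Enabled $true
    # Certificate-based alternative to the IP list (placeholder subject name):
    #   -TlsSenderCertificateName 'relay.contoso.example' -RequireTls $true
}

# 3. Block unauthenticated Direct Send for the tenant.
Set-OrganizationConfig -RejectDirectSend $true

# 4. Read both settings back instead of assuming they applied.
$after = (Get-OrganizationConfig).RejectDirectSend
if ($after -ne $true) {
    Write-Warning 'RejectDirectSend is still not enabled; check permissions and retry.'
}
Get-OrganizationConfig | Format-List RejectDirectSend
Get-InboundConnector -Identity $ConnectorName |
    Format-List Name, Enabled, ConnectorType, SenderIPAddresses, TlsSenderCertificateName

Disconnect-ExchangeOnline -Confirm:$false
```

To revert, run Set-OrganizationConfig -RejectDirectSend $false.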

2 Replies

  • ZSAdmin
    Copper Contributor

    Will this cause any issues for users sending emails to themselves? 

  • ThomasKing
    Iron Contributor

    Configure devices and apps to send email via SMTP with authentication, which is more secure. Use dedicated connectors with IP restrictions or certificates to control email flow securely.
