Forum Discussion
EOP or Defender for Office 365 not working as espected
Dear Security Team, We try to test EOP & Defender for Office 365 by sending on purpose SPAM URLs in emails that I know they are SPAM (a simple antispam in "EM Client"), so I forward them to an email...
Yes, a forwarded email may pass authentication check such as SPF, DKIM, and DMARC because the new sender is legit. The one case where that may not be the case is the content inspection engine, if it finds substantial keywords in the body then I would expect it to override the valid sender authentication records. So all that to say, try the testing without forwarding.