1. I just try create rule as your guide and continue monitor
2. We also has client APT , how to configure ATP to prevent from spoofing our domain ?
3. And current i see DKIM only enable on domain yhn.mail.onmicrosoft.com and yhn.onmicrosoft.com but custom my domain then not enbable , Now i must enable it ? what effect outgoing email or imcomming email when enable it ?
- do the folowing is send report to monitor this rule
But i met a problem is when gmail (not spoofing mydomain) send email inside and if inside has set rule forward outside then it will match this rule .in here seem it see email forward as Resent-From should rule match, how to fix it ?