Connnectors & Connection Filter check MailFrom or From?

Alan McFarlane

Maybe this is covered in the docs somewhere but I haven't seen it...


Are "sender domain" values in Exchange checking RFC5321.MailFrom or RFC5322.From domain?


i.e. Spam Filter's pair of "Domain block/allow list" and New-Connector's statement "and the sender domain is an accepted domain for your organization.


The reason I ask is pesky contact forms on our (clients') website. Email from such things generally have RFC5322.From as website@foobarclient.com but RFC5321.MailFrom as the web host's host23897832.foobarwebhost.com!


EOP no happy then! The new-ish Fraud detection is flagging them now and they go to Spam folder.


Or is there best practice advice? 1) Get contact-form/website/WordPress/PHP/plugins to DKIM sign -- oh I wish; or 2) fake the RFC5322.From to match MailFrom e.g. perhaps website-foobarclient@foobarwebhost.com; 3) add overrides at Exchange -- connector or connection filter?





Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
50 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
32 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
15 Replies
Dev channel update to 80.0.355.1 is live
josh_bodner in Discussions on
67 Replies