Anti-mail spoofing in O365

Copper Contributor


Some user in my organization reported that he received a mail from another collaborator (same internal domain).

The mail look very legit (right sender and recipient adress) but after looking trought the header, it was easy so see it's a spoofed mail . How can i setup a protection from O365, what is the best practice please.

The  SMTP mail from adress and Return path have been modified :




1 Reply


I thought


1. Make sure anti-spoofing in your tenant:

Anti-spoofing protection - Office 365 | Microsoft Learn

2. Make sure your Email Domain security:

What are DMARC, DKIM, and SPF? | Cloudflare