Trusting messages from Microsoft


We setup a mail flow rule in Office 365 Exchange for External Messages.  It prepends "External" to the subject and prepends a disclaimer at the top of the message.


My question is -- can we safely exempt domains such as ?  These are messages that come from Microsoft / Office 365.  My concern is -- is there any way for these domains to be spoofed that would fool the mail rule exemption?


Thank you.

1 Reply

They can be spoofed and you shouldnt be excluding anything based on the email address alone.