Trusting messages from Microsoft

Occasional Contributor

We set up a mail flow rule in Office 365 Exchange for External Messages. It prepends "External" to the subject and prepends a disclaimer at the top of the message.

My question is -- can we safely exempt domains such as email.teams.microsoft.com? These are messages that come from Microsoft / Office 365. My concern is -- is there any way for these domains to be spoofed that would fool the mail rule exemption?

Thank you.

1 Reply

They can be spoofed and you shouldn't be excluding anything based on the email address alone.
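
What checking more than the address can look like, as an added example that is not part of the thread: the exemption applies only when the From domain is on the list and the receiving service's own DMARC verdict passed for that same domain. It assumes the topmost Authentication-Results header is the one stamped by your own mail service; the function names and sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

EXEMPT_DOMAINS = {"email.teams.microsoft.com"}  # domain named in the question

def from_domain(msg):
    """Domain of the actual From address, ignoring the display name."""
    _, addr = parseaddr(msg.get("From", ""))
    return addr.rpartition("@")[2].lower()

def dmarc_verdict(msg):
    """(result, header.from) from the topmost Authentication-Results header."""
    headers = msg.get_all("Authentication-Results") or []
    if not headers:
        return None, None
    top = " ".join(headers[0].split())  # unfold; assumption: topmost is ours
    res = re.search(r"\bdmarc=(\w+)", top)
    dom = re.search(r"\bheader\.from=([\w.-]+)", top)
    return (res.group(1).lower() if res else None,
            dom.group(1).lower() if dom else None)

def may_skip_external_tag(raw):
    """Exempt only if From is listed AND DMARC passed for that same domain."""
    msg = message_from_string(raw)
    dom = from_domain(msg)
    if dom not in EXEMPT_DOMAINS:
        return False
    result, hdr_from = dmarc_verdict(msg)
    return result == "pass" and hdr_from == dom

# Constructed sample messages (not real traffic).
TEAMS = "email.teams.microsoft.com"
GENUINE = (
    f"Authentication-Results: spf=pass smtp.mailfrom={TEAMS};"
    f" dkim=pass header.d={TEAMS}; dmarc=pass action=none header.from={TEAMS}\n"
    f"From: Teams <noreply@{TEAMS}>\nSubject: sample\n\nbody\n")
SPOOFED = (  # From claims the domain; our verdict is fail, a forged pass sits below
    "Authentication-Results: spf=fail smtp.mailfrom=mailer.example;"
    f" dkim=none; dmarc=fail action=oreject header.from={TEAMS}\n"
    f"Authentication-Results: dmarc=pass header.from={TEAMS}\n"
    f"From: Teams <noreply@{TEAMS}>\nSubject: sample\n\nbody\n")
DISPLAY_NAME = (  # listed domain appears only in the display name
    "Authentication-Results: dmarc=pass header.from=mailer.example\n"
    f'From: "noreply@{TEAMS}" <notify@mailer.example>\nSubject: sample\n\nbody\n')

if __name__ == "__main__":
    for name, raw in [("genuine", GENUINE), ("spoofed", SPOOFED),
                      ("display-name", DISPLAY_NAME)]:
        print(name, may_skip_external_tag(raw))
```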