Jun 14 2018 07:39 AM
What's the latest advice on DMARC, DKIM and SPF for Office 365 tenants?
I have configured SPF records with the Office 365 include for all domains that I manage as a minimum.
I have configured DMARC records in 'Monitor' for a few recent tenants recently, but I am yet to roll this out for all domains/tenants.
I have not configured custom DKIM for any tenants - I know that Office 365 has Default DKIM Signing configured (which is based on the default tenant domain name that you are given with all new tenants).
Microsoft recommend configuring DKIM if;
I'm trying to work out if I should set up all three of the above for all the tenants I manage? None have more than 35 users so I would classify them as SMBs.
I think if you're going to configure DKIM, you should configure DMARC to give instructions to recipient mail servers on what action to take if SPF and DKIM fail.
I have looked at DMARC reports in the past (never received a forensic report - I don't think many mail providers generate these yet?) and cannot make much sense out of the detail included.
Any advice appreciated.
Thanks
Jun 14 2018 11:06 AM
I would recommend going over this 3-part series of blog posts on the subject: https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Schooling-A-Sea-of-Phish-Part...
And this very detailed article, which also reflects the current recommendations: https://support.office.com/en-us/article/anti-spoofing-protection-in-office-365-d24bb387-c65d-486e-9...