SPF in Office 365 is checked using default policies, but messages are not blocked by default. If we want to block delivery of messages, that do not meet the SPF criteria, we can do this by changing the default settings.
When we change the SPF monitoring settings, Office 365 will deliver all e-mail, that does not meet the criteria, to quarantene. Read the rest
There is always a big discussion about how safe it is to synchronize a “password” to the Microsoft cloud – Azure AD.
First of all, passwords are never synchronized to the cloud. Actually, the result of the 1000th iteration of the HMAS-SHA256 hashing function is being synchronized to the cloud. Read the rest
DKIM will be more and more important in the future for authenticating legitimate e-mails. For this reason, I like to enable DKIM for all my domains in Office 365 tenants where DKIM is really easy to enable.
In Exchange Online console we can find DKIM under Protection -DKIM where we can usually see the option “Enable”. Read the rest
Microsoft MFA has become a popular way of protecting access to Office 365 and Azure services. You can also use it to protect access to Facebook and other web services.
For additional security the latest version
of Microsoft Authenticator allows you to require verification every time you
run the app on your iOS device. Read the rest