Microsoft has designed multiple spam filters to protect email security in Office 365. Whilst these are a great first line defense in the fight against spam, they do not guard against the threat of email fraudsters.

Office 365 email


This is why we recommend organizations configure additional validation systems to enhance their email security. If your business experiences;

We recommend enabling the following protection mechanisms designed to detect and prevent email security threats.

Email Security – Protection Mechanisms

– Sender Policy Framework (SPF)

An SPF is a record set up in DNS that lists all servers from which your email can be sent.

The idea is that a receiving server checks your email is coming from a legitimate source in your SPF, if the server your email came from isn’t on the list, the receiving server detects it’s not coming from a legitimate source.

The purpose of an SPF record is to detect and prevent spammers from sending messages with spoofed or forged email addresses.Email security

– DomainKeys Identified Mail (DKIM)

DKIM is an authentication method that helps detect forged sender email addresses. It verifies the sending of a message using a cryptographic authentication verification process.

By assigning a digital signature to a domain, DKIM can allow a receiver to check emails have been authorized by you, the owner of the domain.

– Domain Message Authentication Reporting & Conformance (DMARC)

DMARC is built on top of SPF and DKIM to enable domain owners the ability to publish a policy in DNS records that specifies which mechanism (SPF, DKIM or both) are being used when sending email from their domains.

These defense mechanisms are available to all Office 365 email users but we recommend the help of experienced IT administrators to ensure they are configured correctly.

If your business is interested in email security and the fight against spam and scams, please contact our team of email specialists to find out more.