This is the first post in a series called ‘SOS – Sick of SPAM’ regarding how to tackle SPAM and Spoofing emails on the Office 365 Exchange Online platform.

Having dealt with my fair share of SPAM and Spoofed sender emails, I’ve found and developed, a few techniques for tackling the situation.

One thing to check, that is often overlooked, is if your Office 365 Distribution Groups are locked down to only receive emails from internal senders. By default they will allow mail from both internal and external senders. This might not suit your environment, but it can be a great way to cut down on unwanted emails.

Once you’ve restricted sending to only internal senders any external senders will receive the following undeliverable bounce message from Office 365.

With Office 365 Online Distribution Groups

  1. Navigate to the Exchange Admin Center – https://admin.exchange.microsoft.com/
  2. From the left hand menu select Recipients > Groups
  3. Select Distribution list from the top menu, then select the list you want to edit. From the Settings tab of the pane that opens select “Edit delivery management“.
  4. You can then select “Only allow messages from people inside my organisation“. You can also restrict who can send messages to the distribution group by specifying senders.

 

Local Active Directory Synced Distribution Groups (or mail enabled Security Groups)

  1. You’ll need to have “Advanced Features” enabled in Active Directory Users and Groups. This is selected under the “View” menu.
  2. Open the Distribution Group and select the “Attribute Editor” tab. Then change the msExchRequireAuthToSendTo attribute to TRUE
  3. At your next Azure AD Sync the value will be written to Azure and the Distribution Group won’t accept mail from an external sender.

If you’ve got any ideas or techniques that work to help cut down on SPAM please share them with me on Twitter @jacobcurulli