Hello,
Microsoft doesn't limit FROM header spoof? I saw message like:
Envelope from: example.user207@<redacted>.onmicrosoft.com
To: <address on my domain>
From: support@<fake domain made from *username* of recipient>
For example if TO=rob...@example.com then FROM=supp...@robert.com
Is too complicated for microsoft check the FROM header belong to the
senders account?
Is best always reject mail from <anything>.onmicrosoft.com?
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
