{"id":40210,"date":"2020-05-25T08:00:41","date_gmt":"2020-05-25T13:00:41","guid":{"rendered":"https:\/\/www.haxxess.com\/?p=40210"},"modified":"2020-05-20T14:48:31","modified_gmt":"2020-05-20T19:48:31","slug":"email-authentication-microsoft-365","status":"publish","type":"post","link":"https:\/\/www.haxxess.com\/email-authentication-microsoft-365","title":{"rendered":"Why You Need to Set up Email Authentication in Microsoft 365 to Protect Your Reputation"},"content":{"rendered":"\n<figure class=\"wp-block-image\"><img loading=\"lazy\" width=\"750\" height=\"501\" src=\"https:\/\/www.haxxess.com\/wp-content\/uploads\/2020\/05\/bigstock-Poznan-Pol-Dec-La-348371653.jpg\" alt=\"Why You Need to Set up Email Authentication in Microsoft 365 to Protect Your Reputation\" class=\"wp-image-40209\" srcset=\"https:\/\/www.haxxess.com\/wp-content\/uploads\/2020\/05\/bigstock-Poznan-Pol-Dec-La-348371653.jpg 750w, https:\/\/www.haxxess.com\/wp-content\/uploads\/2020\/05\/bigstock-Poznan-Pol-Dec-La-348371653-300x200.jpg 300w\" sizes=\"(max-width: 750px) 100vw, 750px\" \/><\/figure>\n\n\n\n<p>Imagine that you\u2019re going through a usual day at the office, then a panicked call comes in from one of your customers. Their office received multiple phishing emails from your company email address and they think one employee may have clicked on a link and infected their system with malware.<\/p>\n\n\n\n<p>You immediately have your IT support professional check to see if your email accounts have been hacked, but all looks fine and there is no sign of any phishing being sent. Upon further inspection, it\u2019s found that the phishing attack did not come from your company at all, but the attacker did use your company\u2019s email address in the \u201cFrom\u201d line, fooling your customer into thinking it was from you.<\/p>\n\n\n\n<p>This type of scenario happens all too often and is called \u201cemail spoofing.\u201d It\u2019s when a legitimate company\u2019s email domain (i.e. @goodcompany.com) is used as a decoy in the \u201cFrom\u201d area of an email message, but the message is actually sent from another email address (i.e. hacker@xyz.com).<\/p>\n\n\n\n<p>Email spoofing causes multiple problems for businesses, including:<\/p>\n\n\n\n<ul><li>Can trick customers, vendors, and its own employees into clicking a malicious phishing link<\/li><li>Can damage a company\u2019s reputation<\/li><li>Protections against email spoofing can cause legitimate emails to get bounced<\/li><\/ul>\n\n\n\n<p><strong><em>In&nbsp;&nbsp;2-year study of email spoofing, it was found&nbsp;<\/em><\/strong><a href=\"https:\/\/ironscales.com\/blog\/Secure-Email-Gateways-Miss-99-Percent-of-All-Non-Trivial-Email-Spoofing-Attacks\/\"><strong><em>that 99%<\/em><\/strong><\/a><strong><em>&nbsp;got through secure email gateways.<\/em><\/strong><\/p>\n\n\n\n<p>Approximately 73.5% of all email spoofing uses an exact sender name impersonation in the \u201cFrom\u201d line. Historically, email spoofing has been a weak spot in&nbsp;<a href=\"https:\/\/www.haxxess.com\/network-security-services\">network security<\/a>&nbsp;for email server gateways.&nbsp;<\/p>\n\n\n\n<p>But because it\u2019s become so prevalent as a way to get users to trust a fake phishing email, and because email is main cause of data breaches, email providers have been increasing their detection of and safeguards against email spoofing.<\/p>\n\n\n\n<p>An example of this is Microsoft. They recently added new anti-spoofing safeguards in&nbsp;<a href=\"https:\/\/www.haxxess.com\/microsoft-office-365\">Microsoft Office 365<\/a>&nbsp;to help combat this tactic, which can ruin company reputations and lead to data breach incidents.<\/p>\n\n\n\n<h2><strong>What is SPF, DKIM, and DMARC for Email Authentication?<\/strong><\/h2>\n\n\n\n<p>If you\u2019ve noticed your legitimate emails getting blocked recently or if you haven\u2019t been able to get a customer\u2019s email as usual, the new email-spoofing protections may be the reason.<\/p>\n\n\n\n<p>If your email server is not set up correctly, then when you send email from a third-party cloud app (like Mail Chimp), it could be seen as email spoofing and routed to a junk or quarantine folder.<\/p>\n\n\n\n<p>This is easily remedied by properly setting up email authentication protocols on your mail server that are designed to confirm your email is actually from you. By employing these authentications, you can also help stop hackers from spoofing your email address and protect your reputation.<\/p>\n\n\n\n<h3><strong>Anti-Phishing Protection in Microsoft 365<\/strong><\/h3>\n\n\n\n<p>Microsoft has added the following&nbsp;<a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/office-365-security\/anti-phishing-protection?view=o365-worldwide\">features<\/a>&nbsp;in Exchange Online Protection (EOP) to help protect users from phishing and email spoofing.<\/p>\n\n\n\n<ul><li><strong>Spoof intelligence:<\/strong>&nbsp;Detects and blocks spoofed email messages<\/li><li><strong>Anti-phishing policies:<\/strong>&nbsp;Controls to turn on \u201cunauthenticated sender identification\u201d and \u201cspoof intelligence\u201d in Outlook and specify the action to take with a message<\/li><li><strong>Implicit email authentication:<\/strong>&nbsp;Uses the SPF\/DKIM\/DMARC protocols to identify forged senders<\/li><\/ul>\n\n\n\n<p>Implicit email authentication uses three protocols that work in concert to confirm the authenticity of an email and to let the incoming email server know if it\u2019s passed authentication tests.&nbsp;<\/p>\n\n\n\n<p>These protocols do three important things:<\/p>\n\n\n\n<ul><li>Help your legitimate messages get through so they\u2019re not accidentally blocked by email-spoofing filters<\/li><li>Make it harder for spammers to spoof your company\u2019s email domain<\/li><li>Alert you if someone is sending email spoofing your domain<\/li><\/ul>\n\n\n\n<p>Here is a rundown of each protocol. They are all designed to work together, like three legs of a stool.<\/p>\n\n\n\n<h3><strong>SPF (Sender Policy Framework)<\/strong><\/h3>\n\n\n\n<p>The SPF protocol confirms to the receiving mail server that the IP address of the sending mail server is allowed to send mail for your domain.&nbsp;<\/p>\n\n\n\n<p>During the SPF setup process, you\u2019ll include the IP addresses for any cloud services (like Mail Chimp, Zendesk, etc.) that you use for sending email, so they\u2019re not mistakenly identified as spoofing.<\/p>\n\n\n\n<h3><strong>DKIM (DomainKeys Identified Email)<\/strong><\/h3>\n\n\n\n<p>This step in the authentication process lets the receiving mail server know that the email sender and other important details have not been altered.&nbsp;<\/p>\n\n\n\n<p>DKIM uses two authentication keys, one that remains on your email server and one embedded with the message. The incoming server checks and matches these upon receipt.<\/p>\n\n\n\n<h3><strong>DMARC (Domain-based Message Authentication, Reporting, and Conformance)<\/strong><\/h3>\n\n\n\n<p>This final step confirms to the receiving mail server whether or not both SPF and DKIM have authenticated properly.<\/p>\n\n\n\n<p>Next, DMARC lets the mail server what to do with the message if it hasn\u2019t passed (i.e. block or send to junk folder).<\/p>\n\n\n\n<p>It also can include instructions to report back to your mail server all emails that have passed or failed authentication. This allows you to be alerted if an unauthorized sender is trying to spoof your email domain.<\/p>\n\n\n\n<h2>Get Help Securing &amp; Authenticating Your Emails<\/h2>\n\n\n\n<p>Haxxess can help your business set up email authentication in Microsoft 365 or another mail program to safeguard your email and your reputation.<\/p>\n\n\n\n<p><strong>Contact us today to schedule a free consultation! Call 705-222-8324 or\u00a0<\/strong><a href=\"https:\/\/www.haxxess.com\/contact-us\"><strong>reach out online<\/strong><\/a><strong>.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Imagine that you\u2019re going through a usual day at the office, then a panicked call comes in from one of your customers. Their office received multiple phishing emails from your company email address and they think one employee may have clicked on a link and infected their system with malware. You immediately have your IT [&hellip;]<\/p>\n","protected":false},"author":3,"featured_media":40209,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v18.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Why You Need to Set up Email Authentication in Microsoft 365 to Protect Your Reputation - Sudbury IT Services | Computer Support | (705) 222 8324 (TECH<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.haxxess.com\/email-authentication-microsoft-365\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why You Need to Set up Email Authentication in Microsoft 365 to Protect Your Reputation - Sudbury IT Services | Computer Support | (705) 222 8324 (TECH\" \/>\n<meta property=\"og:description\" content=\"Imagine that you\u2019re going through a usual day at the office, then a panicked call comes in from one of your customers. Their office received multiple phishing emails from your company email address and they think one employee may have clicked on a link and infected their system with malware. You immediately have your IT [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.haxxess.com\/email-authentication-microsoft-365\" \/>\n<meta property=\"og:site_name\" content=\"Sudbury IT Services | Computer Support | (705) 222 8324 (TECH\" \/>\n<meta property=\"article:published_time\" content=\"2020-05-25T13:00:41+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-05-20T19:48:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.haxxess.com\/wp-content\/uploads\/2020\/05\/bigstock-Poznan-Pol-Dec-La-348371653.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"750\" \/>\n\t<meta property=\"og:image:height\" content=\"501\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"techblogbuilder\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.haxxess.com\/#website\",\"url\":\"https:\/\/www.haxxess.com\/\",\"name\":\"Sudbury IT Services | Computer Support | (705) 222 8324 (TECH\",\"description\":\"Haxxess Enterprise Corporation\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.haxxess.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.haxxess.com\/email-authentication-microsoft-365#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.haxxess.com\/wp-content\/uploads\/2020\/05\/bigstock-Poznan-Pol-Dec-La-348371653.jpg\",\"contentUrl\":\"https:\/\/www.haxxess.com\/wp-content\/uploads\/2020\/05\/bigstock-Poznan-Pol-Dec-La-348371653.jpg\",\"width\":750,\"height\":501,\"caption\":\"Why You Need to Set up Email Authentication in Microsoft 365 to Protect Your Reputation\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.haxxess.com\/email-authentication-microsoft-365#webpage\",\"url\":\"https:\/\/www.haxxess.com\/email-authentication-microsoft-365\",\"name\":\"Why You Need to Set up Email Authentication in Microsoft 365 to Protect Your Reputation - Sudbury IT Services | Computer Support | (705) 222 8324 (TECH\",\"isPartOf\":{\"@id\":\"https:\/\/www.haxxess.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.haxxess.com\/email-authentication-microsoft-365#primaryimage\"},\"datePublished\":\"2020-05-25T13:00:41+00:00\",\"dateModified\":\"2020-05-20T19:48:31+00:00\",\"author\":{\"@id\":\"https:\/\/www.haxxess.com\/#\/schema\/person\/243ee5ff892d34d7dd9afa0c3e2862de\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.haxxess.com\/email-authentication-microsoft-365#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.haxxess.com\/email-authentication-microsoft-365\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.haxxess.com\/email-authentication-microsoft-365#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.haxxess.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Why You Need to Set up Email Authentication in Microsoft 365 to Protect Your Reputation\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.haxxess.com\/#\/schema\/person\/243ee5ff892d34d7dd9afa0c3e2862de\",\"name\":\"techblogbuilder\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.haxxess.com\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e954263c70f701b3a5fc331829c36d5c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e954263c70f701b3a5fc331829c36d5c?s=96&d=mm&r=g\",\"caption\":\"techblogbuilder\"},\"url\":\"https:\/\/www.haxxess.com\/author\/techblogbuilder\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Why You Need to Set up Email Authentication in Microsoft 365 to Protect Your Reputation - Sudbury IT Services | Computer Support | (705) 222 8324 (TECH","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.haxxess.com\/email-authentication-microsoft-365","og_locale":"en_US","og_type":"article","og_title":"Why You Need to Set up Email Authentication in Microsoft 365 to Protect Your Reputation - Sudbury IT Services | Computer Support | (705) 222 8324 (TECH","og_description":"Imagine that you\u2019re going through a usual day at the office, then a panicked call comes in from one of your customers. Their office received multiple phishing emails from your company email address and they think one employee may have clicked on a link and infected their system with malware. You immediately have your IT [&hellip;]","og_url":"https:\/\/www.haxxess.com\/email-authentication-microsoft-365","og_site_name":"Sudbury IT Services | Computer Support | (705) 222 8324 (TECH","article_published_time":"2020-05-25T13:00:41+00:00","article_modified_time":"2020-05-20T19:48:31+00:00","og_image":[{"width":750,"height":501,"url":"https:\/\/www.haxxess.com\/wp-content\/uploads\/2020\/05\/bigstock-Poznan-Pol-Dec-La-348371653.jpg","type":"image\/jpeg"}],"twitter_card":"summary","twitter_misc":{"Written by":"techblogbuilder","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/www.haxxess.com\/#website","url":"https:\/\/www.haxxess.com\/","name":"Sudbury IT Services | Computer Support | (705) 222 8324 (TECH","description":"Haxxess Enterprise Corporation","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.haxxess.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.haxxess.com\/email-authentication-microsoft-365#primaryimage","inLanguage":"en-US","url":"https:\/\/www.haxxess.com\/wp-content\/uploads\/2020\/05\/bigstock-Poznan-Pol-Dec-La-348371653.jpg","contentUrl":"https:\/\/www.haxxess.com\/wp-content\/uploads\/2020\/05\/bigstock-Poznan-Pol-Dec-La-348371653.jpg","width":750,"height":501,"caption":"Why You Need to Set up Email Authentication in Microsoft 365 to Protect Your Reputation"},{"@type":"WebPage","@id":"https:\/\/www.haxxess.com\/email-authentication-microsoft-365#webpage","url":"https:\/\/www.haxxess.com\/email-authentication-microsoft-365","name":"Why You Need to Set up Email Authentication in Microsoft 365 to Protect Your Reputation - Sudbury IT Services | Computer Support | (705) 222 8324 (TECH","isPartOf":{"@id":"https:\/\/www.haxxess.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.haxxess.com\/email-authentication-microsoft-365#primaryimage"},"datePublished":"2020-05-25T13:00:41+00:00","dateModified":"2020-05-20T19:48:31+00:00","author":{"@id":"https:\/\/www.haxxess.com\/#\/schema\/person\/243ee5ff892d34d7dd9afa0c3e2862de"},"breadcrumb":{"@id":"https:\/\/www.haxxess.com\/email-authentication-microsoft-365#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.haxxess.com\/email-authentication-microsoft-365"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.haxxess.com\/email-authentication-microsoft-365#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.haxxess.com\/"},{"@type":"ListItem","position":2,"name":"Why You Need to Set up Email Authentication in Microsoft 365 to Protect Your Reputation"}]},{"@type":"Person","@id":"https:\/\/www.haxxess.com\/#\/schema\/person\/243ee5ff892d34d7dd9afa0c3e2862de","name":"techblogbuilder","image":{"@type":"ImageObject","@id":"https:\/\/www.haxxess.com\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/e954263c70f701b3a5fc331829c36d5c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e954263c70f701b3a5fc331829c36d5c?s=96&d=mm&r=g","caption":"techblogbuilder"},"url":"https:\/\/www.haxxess.com\/author\/techblogbuilder"}]}},"_links":{"self":[{"href":"https:\/\/www.haxxess.com\/wp-json\/wp\/v2\/posts\/40210"}],"collection":[{"href":"https:\/\/www.haxxess.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.haxxess.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.haxxess.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.haxxess.com\/wp-json\/wp\/v2\/comments?post=40210"}],"version-history":[{"count":1,"href":"https:\/\/www.haxxess.com\/wp-json\/wp\/v2\/posts\/40210\/revisions"}],"predecessor-version":[{"id":40211,"href":"https:\/\/www.haxxess.com\/wp-json\/wp\/v2\/posts\/40210\/revisions\/40211"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.haxxess.com\/wp-json\/wp\/v2\/media\/40209"}],"wp:attachment":[{"href":"https:\/\/www.haxxess.com\/wp-json\/wp\/v2\/media?parent=40210"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.haxxess.com\/wp-json\/wp\/v2\/categories?post=40210"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.haxxess.com\/wp-json\/wp\/v2\/tags?post=40210"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}