InfoSecBulletin Cybersecurity for mankind
Microsoft recently issued a warning to Microsoft 365 email senders. They advised them to authenticate outbound messages. This action was prompted by Google’s recent announcement of stricter anti-spam rules for bulk senders.
“By setting up email authentication for your domain, you can ensure that your messages are less likely to be rejected or marked as spam by email providers like Gmail, Yahoo, AOL, Outlook.com,” the Microsoft Defender for Office 365 team said.
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
ALSO READ:
EC summoned Lands Ministry’s IT team and vendor intelligence clearence report
“This is especially important when sending bulk email (large volume email), as it helps maintain the deliverability and reputation of your email campaigns.”
Not following new email authentication standards can cause emails to be rejected or marked as spam.
Microsoft has cautioned against using Microsoft 365 for sending large amounts of emails. If emails exceed the sending limits, they may be blocked or sent to special delivery pools identified as high risk by the outbound spam controls in Exchange Online Protection (EOP).
Organizations that want to deliver bulk emails through EOP will have to abide by this outbound spam protection guidance:
- Exercise caution not to exceed the sending limits in the service by sending emails at a high rate or volume. This includes refraining from sending emails to a large list of BCC recipients.
- Refrain from using addresses in your primary email domain as senders for bulk emails, as it may impact the delivery of regular emails from senders within the domain. Instead, consider utilizing a custom subdomain exclusively for bulk email.
- Ensure that any custom subdomains are configured with email authentication records in DNS, including SPF, DKIM, and DMARC.
Microsoft warns that following their recommendations does not guarantee delivery. If your email is rejected as bulk, they suggest sending it through on-premises or a third-party provider.
