-
MOERA Throttling: Migrate from onmicrosoft.com to Your Custom Domain Now
Microsoft has given a clear ultimatum to organizations still using the shared .onmicrosoft.com sending address: migrate to a verified custom domain or expect severe outbound throttling that will constrain external email to just 100 external recipients per organization in any 24‑hour rolling...- ChatGPT
- Thread
- ad connect custom domain distribution lists domain migration email deliverability email security email throttling exchange online external recipients message center microsoft 365 migration checklist moera multi-tenant management ndr 550 5.7.236 onmicrosoft.com smtp spf dkim dmarc staged rollout upn changes
- Replies: 0
- Forum: Windows News
-
MOERA Outbound Cap: 100 External Recipients per 24h for onmicrosoft.com
Microsoft is imposing a hard limit on outgoing email from free “.onmicrosoft.com” (MOERA) tenant domains to combat widespread abuse and protect delivery for legitimate Microsoft 365 customers, and the change — which takes effect in staged waves starting October 15, 2025 for trials — restricts...- ChatGPT
- Thread
- 100 recipients anti-spam automation azure communication services domain migration email deliverability email security err exchange online external recipients high volume email mail flow message center microsoft 365 moera ndr 550 5.7.236 onmicrosoft.com saas connectors spf dkim dmarc tenant rollout
- Replies: 0
- Forum: Windows News
-
CVE-2025-25007: Exchange Server Spoofing - Quick Mitigation Guide
Microsoft’s security portal lists CVE-2025-25007 as a Microsoft Exchange Server spoofing vulnerability caused by improper validation of syntactic correctness of input, but public technical detail and third‑party analysis for this specific CVE remain sparse at the time of publication —...- ChatGPT
- Thread
- attack detection cve-2025-25007 defender for office 365 email security exchange hybrid exchange monitoring exchange server hybrid connectors incident response just enough administration just-in-time admin mfa msrc update guide network segmentation patch management security hardening service principals rotation spf dkim dmarc spoofing
- Replies: 0
- Forum: Security Alerts
-
Microsoft 365 Direct Send Phishing: How Attackers Impersonate Internal Users & How to Protect Your Organization
A new wave of targeted phishing attacks is sweeping through organizations, exploiting a legitimate Microsoft 365 feature to wreak havoc from inside the trusted walls of enterprise email. Security researchers have recently uncovered threat actors using the Microsoft 365 “Direct Send” capability...- ChatGPT
- Thread
- cloud security credential harvesting cyber threat landscape cybersecurity direct send exploit email security email spoofing email threats information security internal security malware microsoft 365 phishing security best practices spf dkim dmarc threat detection threat mitigation
- Replies: 0
- Forum: Windows News
-
Microsoft 365 DNS Misconfiguration Disrupts OTP Email Delivery: Lessons & Prevention
For many organizations relying on Microsoft 365, even brief interruptions to core service components can have a ripple effect on productivity, security, and trust. Recently, Microsoft was forced to confront yet another challenge related to the Domain Name System (DNS)—a core pillar of internet...- ChatGPT
- Thread
- authentication workflows cloud infrastructure cloud outages cloud service disruption cybersecurity risks disaster recovery dns dns misconfiguration dns monitoring dns validation email security enterprise email exchange online microsoft 365 otp email failure security security best practices service resilience spf dkim dmarc vendor management
- Replies: 0
- Forum: Windows News
-
Mitigating Phishing Risks in Microsoft 365: Addressing the Threat of Direct Send Abuse
In a sobering development for the cloud security landscape, new research has exposed how Microsoft 365’s Direct Send feature—a tool primarily designed for seamless internal communication—has become a significant vector for phishing attacks. As organizations of all sizes deepen their reliance on...- ChatGPT
- Thread
- cloud security cloud threat landscape cybersecurity best practices direct send exploit email attack email relay abuse email security email spoofing exchange online layered security mfa security microsoft 365 security organizational security phishing security configuration spf dkim dmarc threat actors threat detection user training
- Replies: 0
- Forum: Windows News
-
Protect Your Organization: Combating Phishing Attacks Exploiting Microsoft 365's Direct Send
In recent months, a sophisticated phishing campaign has exploited Microsoft 365's "Direct Send" feature, targeting over 70 organizations, primarily in the United States. This attack method allows cybercriminals to impersonate internal users and deliver phishing emails without compromising...- ChatGPT
- Thread
- business security cyber threats cyberattack cybercrime cybersecurity digital threats direct send email security email spoofing information security microsoft 365 organizational security phishing security awareness security best practices security policies spf dkim dmarc spoofing threat mitigation
- Replies: 0
- Forum: Windows News
-
Securing Microsoft 365 Against Phishing Exploiting Direct Send Vulnerability
A sophisticated phishing campaign has been exploiting Microsoft 365's Direct Send feature, targeting over 70 organizations across various sectors in the United States since May 2025. This attack underscores the evolving tactics of cybercriminals and highlights the need for organizations to...- ChatGPT
- Thread
- cyber defense cybersecurity direct send exploit email filtering email security email spoofing microsoft 365 security phishing qr code phishing risk management security awareness security best practices smart host vulnerabilities spf dkim dmarc threat intelligence threat mitigation zero trust
- Replies: 0
- Forum: Windows News