Microsoft Defender for Office 365: DMARC Policy Handling

This article sheds light on the changes that Microsoft Defender for Office 365 plans to make towards how it handles DMARC policy-based reject and quarantine. This change is aimed at improving email deliverability and safeguarding customers from domain spoofing. The change will allow Security Administrators at enterprise level to choose how DMARC policy-based reject and quarantine are applied within their organizations.

The Anti-Phishing policy will have a new default setting to honor DMARC policy when it comes to enterprise customers. The default actions for "p=reject" and "p=quarantine" will be set to "reject" and "quarantine," respectively. However, tenant admins will have the flexibility to modify the spoof intelligence settings in the Anti-Phishing policy, choosing how to handle DMARC policy, either by rejecting or junking messages based on the sender's DMARC record.

It is important to know the rollout date of this change, which will be as follows: for standard customers, the rollout will begin on July 13th, 2023, while for Gov Cloud customers, the rollout will start on July 19, 2023. Customers will have 25 days to opt-out before the change takes effect.

It is recommended that enterprise customers review spoof intelligence insight in preparation for honoring DMARC and modify their settings if they prefer to have different DMARC actions. This article provides detailed instructions on what customers need to do to prepare for this change.

The post Microsoft Defender for Office 365: DMARC Policy Handling originally appeared on M365 Admin.