O365: Using SPF to Improve E-Mail Delivery
The most effective defence against having your domain spoofed is to publish records that show you are the authority for the domain, so that receiving servers can verify who is allowed to send on your behalf. Receivers that check those records can then score or reject forged mail, but none of this is in place by default. Below are the things you need to ensure to reduce the chance of being spoofed.
- Ensure your domain has a proper SPF record.
- Make sure every relay IP (any on-premises server or third-party service that sends mail as your domain) is added to the SPF record. Keep in mind the SPF limit of 10 DNS lookups per evaluation (include, a, mx, ptr, exists and redirect all count); a record that exceeds it evaluates to permerror and is effectively useless.
- The Office 365 SPF record looks like v=spf1 include:spf.protection.outlook.com ~all. The ~all is a soft fail; -all tells receivers to fail any source that is not listed, and is the stricter choice once you are sure all senders are covered.
- If you are migrating from another mail server, make sure no stale entries for the legacy server remain in your SPF record once it stops sending mail.
- Keep every client you use (Outlook, mobile apps) updated with the latest patches.
- Install only recommended plug-ins (add-ins) in Outlook.
- Regular malware scanning is mandatory on client systems.
- Avoid sharing official email addresses on third-party blogs and similar sites.
- Good news: Office 365 now supports DKIM and DMARC. DKIM signs outgoing messages, and DMARC ties SPF and DKIM to the visible From address and tells receivers what to do when both fail.
Below is an explanation of how these steps prevent spoofing and what the advantages are.
A receiving server takes the domain from the envelope sender (the MAIL FROM / Return-Path, not the From: header the user sees), looks up that domain's SPF (Sender Policy Framework) TXT record in DNS, and checks whether the connecting IP is authorized by it. This is a forward DNS lookup on your domain, not a reverse (PTR) lookup on the IP. If the IP is not authorized, Exchange Online Protection raises the SCL (Spam Confidence Level), and other receivers apply their own scoring; the action taken (junk, quarantine, reject) depends on the remote server's policy and on whether your record ends in ~all or -all.
So if you publish SPF for your domain in DNS, the chances that spoofed mail using your domain is caught are high. Because SPF only checks the envelope sender, a forged From: header can still pass SPF; that gap is what DMARC closes.
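To make the receiver's side of this concrete, here is a small SPF evaluator. It is an added example, not code from this post or from Microsoft; it resolves include: against a constructed in-memory DNS table so it runs offline, and the addresses in that table are documentation ranges, not the real spf.protection.outlook.com IPs. It also counts the lookup-causing terms in the record tree so you can check the 10-lookup limit before adding another relay.

```python
"""Toy SPF check (added illustration): evaluates a record tree against a
constructed in-memory DNS table so it runs offline. Not a full RFC 7208
implementation: a/mx/ptr/exists are counted but not resolved, and macros
and redirect= are not supported."""
import ipaddress

# Constructed TXT records standing in for real DNS. The addresses are
# documentation ranges, not Microsoft's real spf.protection.outlook.com IPs.
FAKE_TXT = {
    "yourdomain.com": "v=spf1 ip4:203.0.113.10 include:spf.protection.outlook.com ~all",
    "spf.protection.outlook.com": "v=spf1 ip4:198.51.100.0/24 ip6:2001:db8::/32 -all",
}

MAX_DNS_LOOKUPS = 10  # RFC 7208 s4.6.4: more than 10 lookup-causing terms => permerror
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
LOOKUP_MECHANISMS = ("include", "a", "mx", "ptr", "exists")


def lookup_txt(domain):
    """Stand-in for a DNS TXT query."""
    return FAKE_TXT.get(domain.lower())


def evaluate_spf(domain, sender_ip, _lookups=None):
    """Evaluate the SPF record of `domain` (the envelope MAIL FROM domain)
    against the connecting `sender_ip`. Returns (result, dns_lookups_used),
    where result is one of pass/fail/softfail/neutral/none/permerror."""
    lookups = [0] if _lookups is None else _lookups
    record = lookup_txt(domain)
    if record is None or not record.lower().startswith("v=spf1"):
        return "none", lookups[0]
    ip = ipaddress.ip_address(sender_ip)
    for term in record.split()[1:]:
        if "=" in term:            # modifier (exp=, redirect=): ignored in this toy
            continue
        qualifier = "+"            # mechanisms without a qualifier mean "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.split("/", 1)[0].lower()   # strip a dual-cidr suffix such as a/24
        if name in LOOKUP_MECHANISMS:
            lookups[0] += 1
            if lookups[0] > MAX_DNS_LOOKUPS:
                return "permerror", lookups[0]
        if name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror", lookups[0]
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier], lookups[0]
        elif name == "include":
            sub, _ = evaluate_spf(arg, sender_ip, lookups)
            if sub == "pass":
                return QUALIFIERS[qualifier], lookups[0]
            if sub in ("none", "permerror"):   # RFC 7208 s5.2: these become permerror
                return "permerror", lookups[0]
            # fail/softfail/neutral from the included record: no match, keep going
        elif name == "all":
            return QUALIFIERS[qualifier], lookups[0]
        elif name not in LOOKUP_MECHANISMS:    # unknown mechanism
            return "permerror", lookups[0]
        # a/mx/ptr/exists: not resolvable offline here, treated as no match
    return "neutral", lookups[0]   # RFC 7208 s4.7: nothing matched and no 'all'


def count_dns_lookups(domain, _seen=None):
    """Static count of lookup-causing terms across the whole record tree,
    independent of any sender IP; run it before adding another include:."""
    seen = set() if _seen is None else _seen
    domain = domain.lower()
    if domain in seen:             # guard against include loops
        return 0
    seen.add(domain)
    record = lookup_txt(domain)
    if not record:
        return 0
    total = 0
    for term in record.split()[1:]:
        term = term.lstrip("+-~?").lower()
        name, _, arg = term.replace("=", ":", 1).partition(":")
        name = name.split("/", 1)[0]
        if name in ("include", "redirect"):
            total += 1 + count_dns_lookups(arg, seen)
        elif name in ("a", "mx", "ptr", "exists"):
            total += 1
    return total


if __name__ == "__main__":
    for ip in ("203.0.113.10", "198.51.100.77", "192.0.2.5", "2001:db8::1"):
        print(ip, evaluate_spf("yourdomain.com", ip))
    print("lookups in tree:", count_dns_lookups("yourdomain.com"), "of", MAX_DNS_LOOKUPS)
```

With the constructed records, mail from the on-premises relay 203.0.113.10 and from the (fake) Office 365 range passes, an IPv4 address outside both gets softfail because the top-level record ends in ~all, and an unknown domain returns none. Swap ~all for -all in the table and the third case becomes fail, which is the difference the receiver's spam action keys on.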
If your domain is fully hosted in Office 365 and your users receive spoof/phishing mail claiming to come from your own domain, a simple workaround is a mail flow (transport) rule that blocks, quarantines or deletes messages from yourdomain.com that arrive from outside the organization. The logic is simple: genuine mail from your domain should never arrive from an external source. The one exception is mail relayed by your own on-premises servers or by third-party services sending as your domain, which does arrive as external; make sure you keep adding those relay IPs under Connection Filtering (and as an exception in the rule), otherwise the rule will block your own relayed mail.
Don't miss the Best Practices to Configure EOP.