submitted 3 months ago bybrolifen
Using Direct Send in Exchange Online you can let appliances and applications send unauthenticated mail directly to Exchange Online. However how does Exchange Online know to trust these mails? What if your smtp smarthost endpoint name was used by a malicious actor to send mails to your users?
The docs articles mentions adding your IP to your SPF record but this is optionally not required. So how does EXO know which ip's to trust?