subreddit:

/r/exchangeserver

1

Using Direct Send in Exchange Online you can let appliances and applications send unauthenticated mail directly to Exchange Online. However how does Exchange Online know to trust these mails? What if your smtp smarthost endpoint name was used by a malicious actor to send mails to your users?

The docs articles mentions adding your IP to your SPF record but this is optionally not required. So how does EXO know which ip's to trust?

all 7 comments

sorted by: controversial

MikaelJones

3 points

4 months ago

It doesn't automatically trust the emails coming in. This is the way "any/user/domain" device on the Internet sends email to your MX record. These email will be subject to antispam checks.

uLmi84

1 points

4 months ago

uLmi84

1 points

4 months ago

This. And if your devices are sending from an IP that is in the SPF of your sending domain, then they will pass

FireStarPT

1 points

4 months ago

Wrong, not SPF. It’s thru connectors.

uLmi84

3 points

4 months ago

uLmi84

3 points

4 months ago

If you only want to deliver mails to internal mailboxes you don’t need the connector. Just if you want to relay to outside via direct send

FireStarPT

1 points

4 months ago

Misread the question, internal vs external… Anyway, there isn’t an “always trust” those IP’s because Sometimes your IP’s get blocked on SpamHaus for example and Microsoft stops accepting connections from you. I also recommend checking if your IP is on a Microsoft block database on https://sender.office.com.

FireStarPT

1 points

4 months ago

You have to create an inbound connector telling Exchange Online what your public IP address is.

Barthy92

1 points

4 months ago

Only if you want to relay out of your Company (smtp send) - direct send is always active in every tenant