Make Teams messages in our tenant come from our domain like Skype does
We have a disclaimer rule to help people avoid phishing which is applied to external emails. Teams messages come from firstname.lastname@example.org Whitelisting that email address to assume it is internal doesn't seem like a good idea from a security perspective. Skype on the other hand sends from the email@example.com which we can trust given we control SPF/DKIM on our domain and spoofed email from our domain is quarantined. Skype does the right thing.
Nathan Rae commented
It is difficult to train staff to avoid Office 365 Phishing attempts by looking at the email address because any legitimate Office 365 notification comes from various external domains. For example:
I would prefer as an admin to make these services all come from my own domain and internal. It would be a lot easier to train staff on phishing attempts when I could state any valid Office 365 email notification will only come from our domain name.
Peter van de Bree commented
a company like microsoft while security is more and more important you should expect to solve this in a proper and secure way.
Dennis Aanen commented
You would expect a company like Microsoft, with all of its knowledge about mail and spam, to implement this properly from the beginning. Please fix this.
Paul Dupuis commented
Tony K. commented
100% agree. We have the same concern/issue.
Joe Guidali commented
This is really needed. Teams notifications from our own tenant should come from our own domain so that we can treat them as internal, assuming DNS security is configured appropriately. Same thing is needed with Yammer notifications.