Make Teams messages in our tenant come from our domain like Skype does
We have a disclaimer rule to help people avoid phishing which is applied to external emails. Teams messages come from firstname.lastname@example.org. Whitelisting that email address to assume it is internal doesn't seem like a good idea from a security perspective. Skype, on the other hand, sends from email@example.com, which we can trust given we control SPF/DKIM on our domain and spoofed email from our domain is quarantined. Skype does the right thing.
Similarly, I am having an issue with firstname.lastname@example.org using the friendly name of the employee who sent it, i.e. "Jane Doe."
My people know not to trust mails that pretend to be from a coworker but show the wrong email address, which is exactly the case here.
Furthermore, we set up our spam service to quarantine anything coming from the friendly name of internal employees in the hope of reducing spear-phishing. And yes, on rare occasions we do end up having legitimate outside persons who have the same name as an employee land in spam.
In this case, if sending from email@example.com, Microsoft should not use the friendly name of the employee who sent it.
We have approximately 160K users in our organization, and we are currently implementing marking on external emails. However, mail notifications from Teams are treated as external. We would like to make an exemption for this, BUT the sender address used for sending Teams notifications is the same sender address used by our business partners' Teams tenants where we are also members. We also could not identify a field in the message HEADER that could differentiate these emails.
This looks like a hole that can be easily exploited to send similar emails and spoof our users using the Teams address. And it looks like this is the same with other Office 365 products.
This must be addressed by Microsoft with HIGH PRIORITY. We want a solution here since we are a big user community.
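The two rules described in the posts above (trust our own domain only because SPF/DKIM are enforced on it; quarantine external mail that carries an employee's friendly name) can be written down as a small classifier. The following is an added example, not code from the thread or from Microsoft; the tenant domain example.com, the employee display name "Jane Doe", the sample messages and their Authentication-Results headers are all constructed for illustration. It shows why a tenant-wide Teams notification trips the display-name rule, and why the shared notification sender cannot simply be treated as internal: a partner tenant's notification arrives from the identical address.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Assumptions (constructed for this example, not taken from the thread):
# example.com is the tenant's own domain, "Jane Doe" is an employee display
# name, and the Teams notification sender is shared with every other tenant.
INTERNAL_DOMAINS = {"example.com"}
EMPLOYEE_DISPLAY_NAMES = {"jane doe"}
SHARED_SERVICE_SENDERS = {"firstname.lastname@example.org"}


def auth_results_pass(msg):
    """True only when Authentication-Results reports both spf=pass and dkim=pass."""
    results = " ".join(str(h) for h in msg.get_all("Authentication-Results", []))
    return bool(re.search(r"\bspf=pass\b", results)) and bool(re.search(r"\bdkim=pass\b", results))


def classify(raw_message):
    """Return the disposition the thread's rules imply for one RFC 5322 message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    display_name, address = parseaddr(str(msg.get("From", "")))
    address = address.lower()
    domain = address.rpartition("@")[2]

    if domain in INTERNAL_DOMAINS:
        # Our own domain is trustworthy only because SPF/DKIM are enforced on it;
        # a message claiming our domain that fails authentication is a spoof.
        return "internal" if auth_results_pass(msg) else "quarantine:spoofed-own-domain"

    if display_name.strip().lower() in EMPLOYEE_DISPLAY_NAMES:
        # External address carrying an employee's friendly name: the pattern the
        # quarantine rule exists for, and exactly what a Teams notification looks like.
        return "quarantine:display-name-impersonation"

    if address in SHARED_SERVICE_SENDERS:
        # The same address is used for partner tenants' notifications, so it can
        # only ever be treated as external, never whitelisted as internal.
        return "external:shared-service-sender"

    return "external"


# Constructed sample messages (minimal headers; not real captures).
SAMPLES = {
    "teams_notification": (
        "From: Jane Doe <firstname.lastname@example.org>\n"
        "To: bob@example.com\n"
        "Authentication-Results: spf=pass dkim=pass\n"
        "Subject: Jane Doe mentioned you in a channel\n\n"
        "body\n"
    ),
    "skype_notification": (
        "From: Skype <email@example.com>\n"
        "Authentication-Results: spf=pass (sender IP is 203.0.113.5) "
        "smtp.mailfrom=example.com; dkim=pass header.d=example.com\n\n"
        "body\n"
    ),
    "spoofed_own_domain": (
        "From: Jane Doe <jane.doe@example.com>\n"
        "Authentication-Results: spf=fail (sender IP is 198.51.100.7) dkim=none\n\n"
        "body\n"
    ),
    "partner_teams": (
        "From: Partner User <firstname.lastname@example.org>\n"
        "Authentication-Results: spf=pass dkim=pass\n\n"
        "body\n"
    ),
    "vendor_newsletter": (
        "From: Vendor Sales <sales@vendor.test>\n"
        "Authentication-Results: spf=pass dkim=pass\n\n"
        "body\n"
    ),
}


def classify_samples():
    """Run every constructed sample through the classifier."""
    return {name: classify(raw) for name, raw in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in classify_samples().items():
        print(f"{name:22s} -> {verdict}")
```

The order of the checks matters: the domain check comes first so that a message from our own domain is judged purely on SPF/DKIM, and the display-name check comes before the shared-sender check so that an employee name on an external address is always quarantined, which is the behaviour the original post reports for Teams notifications. Moving the shared sender into INTERNAL_DOMAINS would make the partner_teams sample come out as "internal", which is the hole the thread is describing.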
Nathan Rae commented
It is difficult to train staff to avoid Office 365 Phishing attempts by looking at the email address because any legitimate Office 365 notification comes from various external domains. For example:
I would prefer, as an admin, to make these services all come from my own domain and be treated as internal. It would be a lot easier to train staff on phishing attempts if I could state that any valid Office 365 email notification will only come from our domain name.
Peter van de Bree commented
From a company like Microsoft, while security is more and more important, you should expect this to be solved in a proper and secure way.
Dennis Aanen commented
You would expect a company like Microsoft, with all of its knowledge about mail and spam, to implement this properly from the beginning. Please fix this.
Paul Dupuis commented
Tony K. commented
100% agree. We have the same concern/issue.
Joe Guidali commented
This is really needed. Teams notifications from our own tenant should come from our own domain so that we can treat them as internal, assuming DNS security is configured appropriately. Same thing is needed with Yammer notifications.