Every Microsoft 365 tenant includes a default domain in the format tenantname.onmicrosoft.com. This is known as the Microsoft Online Email Routing Address (MOERA).
What many don’t realize is that attackers have started using these domains to impersonate organizations in phishing attacks. If left unmonitored, MOERA domains can become a blind spot in your email security.
DMARC: Your best line of defense
The good news is you can stay protected thanks to Domain-based Message Authentication, Reporting & Conformance (DMARC). DMARC is an essential email security measure for protecting your outbound communications, and that includes protecting your default Microsoft domain (onmicrosoft.com). Failure to act could leave your domain unprotected, leading to spoofing attempts.
For existing customers, we recommend that you add this domain to your OnDMARC account and create a DMARC record for it just like you would for your other domains. Microsoft will take care of SPF and DKIM for you and you can then add your OnDMARC reporting address into the DMARC record.
Please note
Due to the way this domain is hosted at Microsoft, you will not be able to use Dynamic Services, but you can still set up a manual DMARC record.
For instructions on how to modify the DNS records of your MOERA domain, refer to Microsoft’s instructions here and use the same DMARC record you entered in any of the other domains in your Red Sift OnDMARC account. We also recommend setting it to an enforcement policy of quarantine or reject.
Have any questions? Raise a ticket with our support team.
Not a Red Sift OnDMARC user? Start your 14-day free trial today.
