Keep your Microsoft Online Email Routing Address secure with Red Sift OnDMARC

Every Microsoft 365 tenant includes a default domain in the format tenantname.onmicrosoft.com. This is known as the Microsoft Online Email Routing Address (MOERA).

What many don’t realize is that attackers have started using these domains to impersonate organizations in phishing attacks. If left unmonitored, MOERA domains can become a blind spot in your email security.

DMARC: Your best line of defense

The good news is you can stay protected thanks to Domain-based Message Authentication, Reporting & Conformance (DMARC). DMARC is an essential email security measure for protecting your outbound communications, and that includes protecting your default Microsoft domain (onmicrosoft.com). Failure to act could leave your domain unprotected, leading to spoofing attempts. 

For existing customers, we recommend that you add this domain to your OnDMARC account and create a DMARC record for it just like you would for your other domains. Microsoft will take care of SPF and DKIM for you and you can then add your OnDMARC reporting address into the DMARC record. 

Please note

Due to the way this domain is hosted at Microsoft, you will not be able to use Dynamic Services, but you can still set up a manual DMARC record.

For instructions on how to modify the DNS records of your MOERA domain, refer to Microsoft’s instructions here and use the same DMARC record you entered in any of the other domains in your Red Sift OnDMARC account. We also recommend setting it to an enforcement policy of quarantine or reject

Have any questions? Raise a ticket with our support team.

Not a Red Sift OnDMARC user? Start your 14-day free trial today.

PUBLISHED BY

Faisal Misle

26 Mar. 2025

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
DMARC

400,000 DMARC boost after Microsoft’s high-volume sender update

Jack Lilley

Microsoft’s decision to join Google and Yahoo in enforcing stricter rules for high-volume senders has triggered an immediate response across the internet. In the last 30 days alone, 406,042 new domains have deployed Domain‑based Message Authentication, Reporting & Conformance (DMARC), pushing the global total to 10.9 million. While not all domains will be exclusive Outlook users,…

Read more
DMARC

Red Sift partners with Gradian to strengthen email security through OnDMARC

Jack Lilley

Today Red Sift launches a new partnership with Gradian, a leading data protection provider, to offer its award-winning applications, including Red Sift OnDMARC, to new and existing customers. Established through Red Sift’s relationship with UK distributor E92plus, the two companies look to strengthen defences against phishing and Business Email Compromise (BEC) attacks. Allowing organisations…

Read more
Cybersecurity

DMARCbis: What are the changes and how to be ready

Jack Lilley

Executive Summary: DMARCbis, also known as DMARC 2.0, is the forthcoming update to the DMARC email authentication protocol, designed to address limitations and ambiguities in the original standard, with an expectation to be finalized and published in 2025. The update introduces clearer guidelines, a new method for determining organizational domains, and streamlined record management.…

Read more
Certificates

TLS certificates are changing: What you need to know

Jack Lilley

Executive summary: TLS certificates are about to get significantly shorter-lived. Starting 15 March 2026, newly issued public-trust certificates will max out at 200 days—and just three years later, that lifespan drops to 47 days. Backed by Google, Apple, and Mozilla, this shift aims to make the web safer through fresher data, faster failover, and…

Read more