September 30, 2023

Microsoft is working to enable users of Microsoft Defender for Office 365 to customize a new authentication mechanism in a bid to further extend its anti spoofing protection dubbed Named Authenticated Received Chain (ARC),

Microsoft has already enabled the new authentication mechanism for all Office 365 hosted mailboxes to help preserve authentication results even when an email hops through multiple intermediaries.

With this change, admins will be able to add trusted intermediaries in the Microsoft 365 Defender portal to allow Microsoft to honor these ARC signatures, thereby allowing legitimate messages.

The ability to customize ARC configurations to include additional trusted intermediaries enables message alterations with proper attribution and links the intermediary’s signatures to their domain name, thus keeping the ARC chains intact.

Email senders use authentication mechanisms such as SPF, DKIM, DMARC to authenticate emails. A legitimate intermediate service may potentially make changes to the email, which would result in the message to fail authentication by the time it lands in the recipient’s inbox.

Advertisements

Microsoft says that ARC helps preserve the email authentication results through all the intermediaries, between the originating server and the recipient’s mailbox, enabling Microsoft 365 to be able to verify the authenticity of the sender.

Thie ability to customize ARC configuration is estimated to be generally available to all Office 365 users in March 2022

Tags:

Leave a Reply

You may have missed

Progress issues Patches for Critical WS_FTP Flaws

September 29, 2023

NIST Releases SP 800-82r3 guide for OT

September 29, 2023

Cisco Semi-annual Security Advisory Summary

September 29, 2023

BlackTech Havoc’s Organizations with Cisco Router Bug

September 29, 2023

Google fixes fifth Zeroday bug in Chrome

September 28, 2023

OpenSea NFT suffers a Breach

September 28, 2023
%d bloggers like this: