How to Setup Office 365 SPF, DKIM, and DMARC

Office 365 has a compelling suite of security features. In fact you can justify the migrating your business email to Office 365 (Exchange Online) even from a security perspective, to ramp up your security best practices.

Email protection and authentication in Office 365 requires manual work. Deterring email spoofing (impersonating your email “from” address) includes as a solid start – the SPF, DKIM, and DMARC email authentication standards.

  1. To setup SPF in Office 365 to prevent spoofing:
  2. To setup DKIM in Office 365 to validate your outgoing email from your business domain:
  3. DMARC depends on SPF and DKIM to work. Once SPF and DKIM are configured, tested, and working – don’t forget DMARC.