ORCA.244 - Policies are configured to honor sending domains DMARC.
Overview
Domain-based Message Authentication, Reporting & Conformance (DMARC) is a standard that helps prevent spoofing by verifying the sender's identity. If an email fails DMARC validation, it often means that the sender is not who they claim to be, and the email could be fraudulent. The owner of the sending domain controls the DMARC policy for their domain and recommends to receivers what action should be taken when DMARC fails. When the Honor DMARC Policy setting is set to False, the sending organisation's DMARC policy is not considered. It is recommended to honor this policy.
Remediation action
Configure the anti-phishing policy to honor the sending domain's DMARC configuration.
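One way to apply this remediation from Exchange Online PowerShell, as an added example that is not part of the ORCA or Maester code. It assumes the ExchangeOnlineManagement module is installed and a session is already open with `Connect-ExchangeOnline`; the function name `Enable-HonorDmarcPolicy` is hypothetical.

```powershell
# Added example: find anti-phishing policies that ignore the sender's DMARC
# policy and switch the setting on. Assumes an existing Connect-ExchangeOnline
# session with rights to manage anti-phishing policies.

function Enable-HonorDmarcPolicy {   # hypothetical helper name
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')]
    param()

    # Default and custom policies where HonorDmarcPolicy is not $true.
    $nonCompliant = @(Get-AntiPhishPolicy |
        Where-Object { $_.HonorDmarcPolicy -ne $true })

    if ($nonCompliant.Count -eq 0) {
        Write-Verbose 'All anti-phishing policies already honor DMARC.'
    }

    foreach ($policy in $nonCompliant) {
        # -WhatIf / -Confirm are respected, so the change can be previewed.
        if ($PSCmdlet.ShouldProcess($policy.Name, 'Set HonorDmarcPolicy to $true')) {
            Set-AntiPhishPolicy -Identity $policy.Identity -HonorDmarcPolicy $true
        }
    }

    # Report the resulting state. The two action columns show what happens to
    # mail that fails DMARC when the sender publishes p=quarantine or p=reject.
    # EnableSpoofIntelligence is listed because the DMARC setting sits under
    # the policy's spoof settings.
    Get-AntiPhishPolicy |
        Select-Object Name, EnableSpoofIntelligence, HonorDmarcPolicy,
                      DmarcQuarantineAction, DmarcRejectAction
}

# Preview first, then run without -WhatIf to apply.
Enable-HonorDmarcPolicy -WhatIf
```

With `-WhatIf` no policy is modified and the table shows the current values; rerun `Test-ORCA244` after applying the change to confirm the check passes.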
Related Links
- Announcing New DMARC Policy Handling Defaults for Enhanced Email Security
- Microsoft 365 Defender Portal - Anti-phishing
Test Metadata
| Field | Value |
|---|---|
| Test ID | ORCA.244 |
| Severity | Medium |
| Suite | ORCA |
| Category | EXO |
| PowerShell test | Test-ORCA244 |
| Tags | EXO, ORCA, ORCA.244 |
Source
- Pester test: tests/orca/Test-ORCA244.Tests.ps1
- PowerShell source: powershell/public/orca/Test-ORCA244.ps1