SPF record will reduce the likelihood of your domain name getting fraudulently spoofed and keep your messages from getting flagged as spam before they reach your recipients. Email spoofing is the creation of email messages with a forged sender address something that is simple to do because many mail servers do not perform authentication. Spam and phishing emails typically use such spoofing to mislead the recipient about the origin of the message, using the following method you can block such forged senders.
Login in to office 365 Portal (https://login.microsoftonline.com)
Click on “Admin” >> Exchange from the Exchange admin center
Click on “Mail Flow” >> Rules >> Click on “+” and select “Create a new rule….”
Edit the Rule
Rule Name : (The purpose of the filter)
*Apply this rule if: The sender if located
Add condition another condition
Type the header includes and words
NOTE:
You could add multiple actions, Also you can specify exceptions
Rule mode should be Enforce
Save the changes and exit.
NOTE:
Headers that you could use for the filers
Header Name
|
Resent-From
|
Message-ID
|
Date
|
From
|
User-Agent
|
MIME-Version
|
To
|
Subject
|
Content-Type
|
Content-Transfer-Encoding
|
Return-Path
|
Received-SPF
|
X-Auto-Response-Suppress
|
X-OrganizationHeadersPreserved
|
X-EOPAttributedMessage
|
X-MS-Exchange-Organization-MessageDirectionality
|
X-Forefront-Antispam-Report
|
X-MS-Exchange-Organization-PRD
|
X-MS-Exchange-Organization-Antispam-Report
|
X-MS-Exchange-Organization-SCL
|
X-MS-Exchange-Organization-SenderIdResult
|
X-CrossPremisesHeadersPromoted
|
X-CrossPremisesHeadersFiltered
|
X-MS-Exchange-Organization-Network-Message-Id
|
X-Microsoft-Antispam
|
X-MS-Exchange-Organization-AVStamp-Service
|
X-Exchange-Antispam-Report-Test
|
X-MS-Exchange-Organization-AuthSource
|
X-MS-Exchange-Organization-AuthAs
|
X-OriginatorOrg
|
-Thanks
@Roshan