Ensure Direct Send is set to be rejected
Why This Matters
Direct Send allows unauthenticated email submission from any IP address, which attackers can exploit to spoof domains and bypass email authentication. If left enabled, this creates a critical backdoor for phishing campaigns and spam that can damage your organization's reputation. Blocking Direct Send ensures only authenticated clients can send mail through your Exchange Online environment.
What Aether365 Checks
Aether365 verifies that the Exchange Online organization configuration has the RejectDirectSend parameter set to True. This check appears in the Aether365 dashboard under microsoft-365 checks with a Medium severity rating.
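The same evaluation can be reproduced by hand in Exchange Online PowerShell. The script below is an added example, not Aether365's own code: the function name Test-RejectDirectSend and the sample objects are hypothetical and constructed for illustration, while Get-OrganizationConfig and Set-OrganizationConfig are the Exchange Online cmdlets that read and write the RejectDirectSend setting.

```powershell
# Added example (not Aether365 code): evaluate RejectDirectSend on an
# Exchange Online organization configuration object.
function Test-RejectDirectSend {
    [CmdletBinding()]
    param(
        # Output of Get-OrganizationConfig, or a constructed object for offline use.
        [Parameter(Mandatory, ValueFromPipeline)]
        [psobject]$OrganizationConfig
    )
    process {
        $prop = $OrganizationConfig.PSObject.Properties['RejectDirectSend']
        if ($null -eq $prop) {
            # The property was not returned at all, so the check cannot be decided.
            $status = 'Unknown'
            $detail = 'RejectDirectSend property not present on the object.'
        }
        elseif ($prop.Value -eq $true) {
            $status = 'Pass'
            $detail = 'Direct Send is rejected.'
        }
        else {
            # Covers both $false and an empty value.
            $status = 'Fail'
            $detail = 'Direct Send is accepted; set RejectDirectSend to True.'
        }
        [pscustomobject]@{
            Check    = 'Ensure Direct Send is set to be rejected'
            Severity = 'Medium'
            Status   = $status
            Detail   = $detail
        }
    }
}

# Constructed sample inputs so the logic can be exercised without a tenant.
$samples = @(
    [pscustomobject]@{ Name = 'sample-compliant';    RejectDirectSend = $true  },
    [pscustomobject]@{ Name = 'sample-noncompliant'; RejectDirectSend = $false },
    [pscustomobject]@{ Name = 'sample-no-property' }
)
$samples | Test-RejectDirectSend | Format-Table Status, Detail -AutoSize

# Against a live tenant (requires the ExchangeOnlineManagement module
# and an administrator session):
#   Connect-ExchangeOnline
#   Get-OrganizationConfig | Test-RejectDirectSend
# Remediation when the result is Fail:
#   Set-OrganizationConfig -RejectDirectSend $true
```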