An SPF policy SHALL be published for each domain, designating only these addresses as approved senders.

Why This Matters

Without a properly configured SPF policy for your domains, attackers can forge email from your domain to send phishing messages or spam. An SPF policy restricts which mail servers are authorized to send email on your behalf, reducing the risk of spoofing attacks and improving email deliverability. This check is essential for maintaining your domain’s reputation in Microsoft 365.

What Aether365 Checks

Aether365 verifies that an SPF policy is published for each domain in your Microsoft 365 tenant, listing only approved senders such as your Exchange Online servers. This appears in your Aether365 dashboard under the microsoft-365 checks section.