Domains are pointed directly at EOP or enhanced filtering is used.

Why This Matters

When a domain is pointed directly to Exchange Online Protection (EOP) without enhanced filtering, attackers can bypass critical security protections by spoofing the sending IP address. This misconfiguration makes your organization more vulnerable to phishing and spoofing attacks. Enabling enhanced filtering for your on-premises mail flow ensures that EOP can properly evaluate the original sender.

What Aether365 Checks

Aether365 verifies that each domain configured in Microsoft 365 either has its MX record pointed directly to EOP or has enhanced filtering enabled. This check appears in the Aether365 dashboard under the microsoft-365 security checks.