- Disable Direct Send.
- Follow Microsoft's Email Security Best Practices for M365.
- Identify SPF/DKIM/DMARC failures.
- Use authenticated SMTP client submissions or SMTP relay with specific IP restrictions.
- Implement strict DMARC policies.
- Configure SPF to hardfail.
- Enforce MFA for M365 accounts.
- Review the Varonis blog post for additional information and guidance.
