Microsoft Defender for Office 365 (plan 2) contains the Threat Explorer feature. It’s a useful way to investigate problematic messages which arrive in a tenant. The automated investigations feature can highlight messages containing malware by assembling evidence about warning signs in the message or its contents, and administrators can then action the recommendations up to and including the removal of messages already delivered to user mailboxes. Automating investigations is a good thing, if you afford Defender for Office 365 Plan 2.
In this post, Microsoft MVP Alan Byrne explains how to configure the two most effective technologies that will ensure your outgoing email is successfully delivered. These technologies are known as Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM), and they protect your outgoing emails from being marked as spam while also flagging and blocking any incoming messages from unauthorized servers spoofing your domain.
How to use Exchange Online mail flow rules to improve the effectiveness of your EOP spam filtering and protect Office 365 users from phishing attacks.
Are Sender Policy Framework (SPF) records in DNS necessary for domains these days?
Are there any security or compliance concerns for Office 365 customers who allow emails to be sent to Microsoft Teams channels?