Office 365 Enables ARC for Enhanced Anti-Spoofing Detection

javajolt
« on: October 27, 2019, 03:49:19 PM »
Microsoft has enabled Authenticated Received Chain (ARC) for all Office 365 hosted mailboxes to improve anti-spoofing detection and to check authentication results within Office 365.

ARC is a protocol designed to provide an authenticated "chain of custody" for messages, making it possible for each of the users handling an email to see what other entities handled it previously, as well as determine its authentication assessment at each step during the delivery process.

The ARC protocol supplements the DMARC and DKIM email authentication protocols as part of Internet Mail Handlers' effort to combat email spoofing, especially when dealing with forwarded messages.

DMARC.org announced ARC in 2015, IETF's DMARC Working Group adopted it as an official work item in June 2016 and published the specification on July 9th, 2019.

In the video embedded below, DMARC Executive Director Stephen Jones provides a quick overview of how ARC works to help reduce fraud by allowing "senders and receivers to cooperate on stopping fraudulent messages that impersonate a domain from reaching end-users mailboxes."

Domain spoofing detection

"All hosted mailboxes in Office 365 will now gain the benefit of ARC with improved deliverability of messages and enhanced anti-spoofing detection," says the feature's Microsoft 365 roadmap entry.

"ARC preserves the email authentication results from all participating intermediaries, or hops when an email is routed from the originating server to the recipient mailbox."

Enabling ARC for Office 365 hosted mailboxes makes it possible to prevent email authentication results from failing after reaching a recipient's inbox due to modifications made during the routing by intermediaries such as forwarding rules or mailing lists.

With ARC toggled on, Office 365 can verify the authenticity of an email's sender with the help of the automatic cryptographic preservation of the authentication results.

In the beginning, ARC will only be used to verify authentication results within Office 365, but Microsoft also plans to add support for third-party signers.

An overview of the ARC protocol for an email with detailed info on what it does and it doesn't do is available

More Office 365 security-focused changes rolling out

Microsoft also rolls out the new 'Unverified Sender' feature during October to make it easier for users to identify potential spam or phishing emails delivered to their Outlook clients' inboxes.

"In order to help customers identify suspicious messages in their inbox, we've added an indicator that demonstrates Office 365 spoof intelligence was unable to verify the sender," stated the company.

Redmond increased DKIM key sizes to 2048-bit from 1024-bit for all customers to enhance security in all Office 365 environments.

"If you already have your default or custom domain DKIM enabled in Office 365, it will automatically be upgraded from 1024-bit to 2048-bit at your next DKIM configuration rotation date," Microsoft said.

Microsoft Office 365 administrators and users were also urged not to bypass the built-in spam filters in June as part of a support document that also provided guidelines for cases when this can't be avoided.

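The "chain of custody" described in the post can be inspected from the headers each ARC-aware hop adds to a message. The sketch below is an added example, not part of the original post or Microsoft's implementation: it groups the three ARC header fields defined in RFC 8617 by their `i=` instance tag and checks that the chain is structurally consistent. It does not verify any signature, and the sample message, domains and selectors are constructed placeholders.

```python
import email
import re

ARC_HEADERS = ("ARC-Authentication-Results", "ARC-Message-Signature", "ARC-Seal")

# Constructed sample: one message after two ARC-aware hops (newest set on top).
# Domains, selectors and signature values are placeholders, not real data.
SAMPLE = """\
ARC-Seal: i=2; a=rsa-sha256; cv=pass; d=list.example; s=s2; b=PLACEHOLDER
ARC-Message-Signature: i=2; a=rsa-sha256; d=list.example; s=s2; bh=PLACEHOLDER; b=PLACEHOLDER
ARC-Authentication-Results: i=2; list.example; dkim=fail; spf=fail; arc=pass
ARC-Seal: i=1; a=rsa-sha256; cv=none; d=fwd.example; s=s1; b=PLACEHOLDER
ARC-Message-Signature: i=1; a=rsa-sha256; d=fwd.example; s=s1; bh=PLACEHOLDER; b=PLACEHOLDER
ARC-Authentication-Results: i=1; fwd.example; dkim=pass header.d=sender.example; spf=pass
From: alice@sender.example
Subject: constructed example

body
"""

def arc_sets(raw):
    """Group ARC header values by instance tag: {i: {header_name: [values]}}."""
    msg = email.message_from_string(raw)
    sets = {}
    for name in ARC_HEADERS:
        for value in msg.get_all(name, []):
            m = re.search(r"(?:^|;)\s*i\s*=\s*(\d+)", value)
            if m is None:
                raise ValueError(f"{name} header without an i= tag")
            sets.setdefault(int(m.group(1)), {}).setdefault(name, []).append(value)
    return sets

def chain_status(raw):
    """Return (status, per-hop authentication results); structure only, no crypto."""
    sets = arc_sets(raw)
    if not sets:
        return "none", []
    hops = max(sets)
    if sorted(sets) != list(range(1, hops + 1)):
        return "fail", []                      # gap in the instance numbers
    results = []
    for i in range(1, hops + 1):
        if any(len(sets[i].get(h, [])) != 1 for h in ARC_HEADERS):
            return "fail", []                  # each hop adds exactly one of each header
        cv = re.search(r"\bcv\s*=\s*(\w+)", sets[i]["ARC-Seal"][0])
        if cv is None or cv.group(1).lower() != ("none" if i == 1 else "pass"):
            return "fail", []                  # first seal says cv=none, later ones cv=pass
        results.append(sets[i]["ARC-Authentication-Results"][0].split(";", 1)[1].strip())
    return "structure-ok", results
```

In the sample, the second hop records `dkim=fail; spf=fail` after the message was modified in transit, while the first hop's preserved result still shows `dkim=pass` for the original sender, which is the information a receiver can use once the seals themselves have been cryptographically verified.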