Stop Spoofing Yourself! Disabling M365 Direct Send

This report explains that Microsoft 365's Direct Send is an unauthenticated SMTP path allowing attackers to send email appearing to originate from internal addresses within a tenant, outlines recent surge in abuse for internal impersonation/phishing, discusses testing caveats, and shows how to enable the public-preview 'Reject Direct Send' setting (Set-OrganizationConfig -RejectDirectSend $true) to block such misuse.