MT.1062 - Ensure Direct Send is set to be rejected
Overviewβ
Direct Send SHOULD be configured to Reject in Exchange Online
Rationale: Attackers can exploit direct send to send spam or phishing emails without authentication. Direct Send covers anonymous messages (unauthenticated messages) sent from your own domain to your organization's mailboxes using the tenant MX.
Remediation action:β
- Connect to Exchange Online:
Connect-ExchangeOnline
- Configure the setting to reject direct send:
Set-OrganizationConfig -RejectDirectSend $true
- Verify the policy:
(Get-OrganizationConfig).RejectDirectSend
The result should be True.
Related linksβ
- Introducing more control over Direct Send in Exchange Online
- Direct Send: Send mail directly from your device or application to Microsoft 365
Test Metadataβ
| Field | Value |
|---|---|
| Test ID | MT.1062 |
| Severity | Medium |
| Suite | Maester |
| Category | Exchange |
| PowerShell test | Test-MtExoRejectDirectSend |
| Tags | Exchange, Maester, MT.1062 |
Sourceβ
- Pester test:
tests/Maester/Exchange/Test-ExchangeSetting.Tests.ps1 - PowerShell source:
powershell/public/maester/exchange/Test-MtExoRejectDirectSend.ps1