MC886603 – (Updated) Reject multiple From addresses (P2 From headers) without a Sender header

check before: 2024-09-10

Product:

Exchange

Platform:

Online, World tenant

Status:

Change type:

Admin impact, Updated message, User impact

Links:

Details:

Summary:
Starting December 1st, Exchange Online will reject emails with multiple From addresses without a Sender header, to comply with RFC 5322. Noncompliance can lead to sender impersonation. Affected organizations will be notified by October 15th if they had significant noncompliant traffic in September.

Details:
Updated September 20, 2024: We have updated the content. Thank you for your patience.
Starting December 1st, we're going to start gradually dropping messages that have multiple From addresses (also known as P2 From headers) without a Sender header from being sent via Exchange Online.
If we see significant traffic exhibiting multiple From addresses (P2 From headers) without a Sender header in your tenant in the month of September, we will send you a Message Center Post by October 15th alerting you and providing some sample message IDs.
We are doing this to comply with RFC 5322 (https://www.rfc-editor.org/rfc/rfc5322#section-3.6.2) which mandates the Sender header to be present and contain a single address if the From header has more than one address. Noncompliance with this could be exploited by attackers, allowing them to impersonate a sender address by misleading the client into using the From header to determine the sender instead of the Sender header.
[When this will happen:]
December 1st, 2024

Release Phase:

Created:
2024-09-10

updated:
2024-09-21

summary for non-techies**

Starting December 1st, Exchange Online will reject emails with multiple From addresses without a Sender header to comply with RFC 5322, and organizations with significant noncompliant traffic detected in September will be notified by October 15th.

Direct effects for Operations**

Email Delivery Failures
Emails with multiple From addresses without a Sender header will be rejected, leading to potential communication breakdowns.
   - roles: IT Administrator, End User
   - references: https://www.rfc-editor.org/rfc/rfc5322#section-3.6.2

Increased Support Requests
Users may experience confusion and submit support tickets due to unexpected NDR errors when sending emails.
   - roles: Help Desk Support, End User
   - references: https://www.rfc-editor.org/rfc/rfc5322#section-3.6.2

Compliance Risks
Failure to comply with RFC 5322 may expose the organization to security risks, including sender impersonation.
   - roles: Compliance Officer, IT Security Manager
   - references: https://www.rfc-editor.org/rfc/rfc5322#section-3.6.2

User Experience Degradation
Users may face interruptions in their workflow due to email sending issues, affecting productivity.
   - roles: End User, Team Leader
   - references: https://www.rfc-editor.org/rfc/rfc5322#section-3.6.2

Training and Awareness Needs
There will be a need for additional training for users on proper email header usage to avoid sending errors.
   - roles: Training Coordinator, End User
   - references: https://www.rfc-editor.org/rfc/rfc5322#section-3.6.2

Opportunities**

Enhanced Email Security Training
With the upcoming change, organizations should implement training programs to educate users about the importance of the Sender header and the risks associated with noncompliance, such as sender impersonation. This will help mitigate potential security threats and improve overall email security awareness.
   - next-steps: Develop a training module focusing on email security best practices, including the proper use of From and Sender headers. Schedule training sessions before the December deadline to ensure all employees are informed.
   - roles: IT Security Team, Compliance Officers, End Users
   - references: https://www.csoonline.com/article/3601275/how-to-improve-email-security-in-your-organization.html

Email Client Configuration Review
This change necessitates a review of email client configurations to ensure they are compliant with the new requirements. Identifying and updating any non-compliant configurations will prevent disruptions in email delivery and enhance user experience.
   - next-steps: Conduct an audit of current email client configurations across the organization. Identify any clients that send emails with multiple From addresses without a Sender header and update their settings accordingly.
   - roles: IT Administrators, Email Support Team, End Users
   - references: https://www.techrepublic.com/article/how-to-audit-your-email-client-settings-for-security/

Implementation of Email Monitoring Tools
To proactively address issues arising from this change, organizations can implement email monitoring tools that alert IT teams when non-compliant emails are being sent. This will help in identifying problematic areas and facilitate quick remediation.
   - next-steps: Research and select email monitoring solutions that can track compliance with RFC 5322. Set up alerts and reporting mechanisms to monitor email traffic for multiple From addresses without a Sender header.
   - roles: IT Operations Team, IT Security Team, Compliance Officers
   - references: https://www.zdnet.com/article/the-best-email-monitoring-tools-for-businesses/
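
The RFC 5322 section 3.6.2 rule cited in the message, and the audit and monitoring steps suggested above, as an added example that is not Microsoft's code or part of the original page: a Python check over raw message text using the standard library's email parser. The sample messages are constructed, and counting mailboxes across repeated From header fields is an assumption about how noncompliant traffic can appear.

```python
"""Added example: RFC 5322 section 3.6.2 From/Sender check (not Microsoft's code)."""
from email import message_from_string
from email.utils import getaddresses


def check_from_sender(raw_message: str) -> str:
    """Classify one raw message; any result other than 'ok' is noncompliant."""
    msg = message_from_string(raw_message)
    from_fields = msg.get_all("From", [])
    # Count mailboxes across every From header field, not just the first one.
    from_addrs = [addr for _, addr in getaddresses(from_fields) if addr]
    sender_addrs = [addr for _, addr in getaddresses(msg.get_all("Sender", [])) if addr]
    if from_fields and not from_addrs:
        return "unparseable From"  # fail closed instead of reporting ok
    if len(from_addrs) <= 1:
        return "ok"
    if not sender_addrs:
        # The case the page says is answered with NDR 550 5.1.20.
        return "multiple From without Sender"
    if len(sender_addrs) > 1:
        return "Sender has more than one address"
    return "ok"


# Constructed sample messages (example.com / example.net are placeholders).
SAMPLES = {
    "single_from": "From: Alice <alice@example.com>\nTo: bob@example.net\n\nhi\n",
    "multi_no_sender": (
        "From: Alice <alice@example.com>, Carol <carol@example.com>\n"
        "To: bob@example.net\n\nhi\n"
    ),
    "multi_with_sender": (
        "From: Alice <alice@example.com>, Carol <carol@example.com>\n"
        "Sender: Office <office@example.com>\nTo: bob@example.net\n\nhi\n"
    ),
    "two_from_fields": (
        "From: alice@example.com\nFrom: carol@example.com\n"
        "To: bob@example.net\n\nhi\n"
    ),
}


def audit(samples: dict) -> dict:
    """Return {name: result} for a mapping of name -> raw message text."""
    return {name: check_from_sender(raw) for name, raw in samples.items()}


if __name__ == "__main__":
    for name, result in audit(SAMPLES).items():
        print(f"{name}: {result}")
```

Run over messages exported from a relay or application outbox, this identifies the senders that need a single-address Sender header before the enforcement date.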

** AI generated content. This information must be reviewed before use.

change history

Date: 2024-09-21
Property: MC MessageTagNames
old: User impact, Admin impact
new: Updated message, User impact, Admin impact

Date: 2024-09-21
Property: MC Summary
old:
Starting October 15th, Exchange Online will reject emails with multiple From addresses without a Sender header, to comply with RFC 5322. Organizations should ensure a single address in the Sender header to avoid non-delivery reports (NDRs) with error code 550 5.1.20. Feedback on this change is welcomed.
new:
Starting December 1st, Exchange Online will reject emails with multiple From addresses without a Sender header, to comply with RFC 5322. Noncompliance can lead to sender impersonation. Affected organizations will be notified by October 15th if they had significant noncompliant traffic in September.

Date: 2024-09-21
Property: MC Last Updated
old: 09/10/2024 02:59:50
new: 2024-09-21T01:49:28Z

Date: 2024-09-21
Property: MC Messages
old:
Starting October 15th, we're going to start gradually dropping messages that have multiple From addresses (also known as P2 From headers) without a Sender header from being sent via Exchange Online.

We are doing this to comply with RFC 5322 (https://www.rfc-editor.org/rfc/rfc5322#section-3.6.2) which mandates the Sender header to be present and contain a single address if the From header has more than one address. Noncompliance with this could be exploited by attackers, allowing them to impersonate a sender address by misleading the client into using the From header to determine the sender instead of the Sender header.
[When this will happen:]
October 15, 2024
new:
Updated September 20, 2024: We have updated the content. Thank you for your patience.
Starting December 1st, we're going to start gradually dropping messages that have multiple From addresses (also known as P2 From headers) without a Sender header from being sent via Exchange Online.
If we see significant traffic exhibiting multiple From addresses (P2 From headers) without a Sender header in your tenant in the month of September, we will send you a Message Center Post by October 15th alerting you and providing some sample message IDs.
We are doing this to comply with RFC 5322 (https://www.rfc-editor.org/rfc/rfc5322#section-3.6.2) which mandates the Sender header to be present and contain a single address if the From header has more than one address. Noncompliance with this could be exploited by attackers, allowing them to impersonate a sender address by misleading the client into using the From header to determine the sender instead of the Sender header.
[When this will happen:]
December 1st, 2024

Date: 2024-09-21
Property: MC How Affect
old:
If email clients including devices and applications that you use to send messages, do so using multiple From addresses but without a Sender address header after October 15th, you will get an NDR error code 550 5.1.20 "Multiple From addresses are not allowed without Sender address'".
new:
If email clients including devices and applications that you use to send messages, do so using multiple From addresses but without a Sender address header after December 1st, you will get an NDR error code 550 5.1.20 "Multiple From addresses are not allowed without Sender address'".

Date: 2024-09-21
Property: MC Title
old: Reject multiple From addresses (P2 From headers) without a Sender header
new: (Updated) Reject multiple From addresses (P2 From headers) without a Sender header

Date: 2024-09-21
Property: MC End Time
old: 12/31/2024 09:00:00
new: 2025-02-24T09:00:00Z
