Ask a new question

Spam sent from onmicrosoft.com domain

Hello,

For the last month or so, I have repeatedly received spam emails from the onmicrosoft.com domain. They always seem to also be sent from an "on behalf of" email address. For example, one of the spam emails today was from:
***Remove email address for privacy***@ihcare.onmicrosoft.com; on behalf of; dalal <***Remove email address for privacy***>.

The headers and "on behalf of" constantly change, so I can't figure out how to create a filter for them.

I'm wondering, since they always come from this domain, is there fix for this Microsoft-wide?

Thank you,

Tim

Hello, KY_Tim

Thanks for using our Microsoft Community.

When you sign up for Microsoft 365, Microsoft provides an onmicrosoft.com domain - your fallback domain - in case you don't own a domain, or don't want to connect it to Microsoft 365 (for example, tailspintoys.onmicrosoft.com). It serves as a default email routing address for your Microsoft 365 environment. When a user is set up with a mailbox, email is routed to the fallback domain. Even if a custom domain is used (for example, tailspintoys.com), if that custom domain is deleted from your Microsoft 365 environment, the fallback domain ensures that your user's email is successfully routed.

That is to say, the message you received doesn't come from Microsoft directly. When Microsoft sends an message, the email address won't look like this. The sender just signed up for Microsoft 365 and sent out the message to you.

There are many reasons you might receive junk e-mail. However, you can view internet message headers in Outlook. An email message internet header provides a list of technical details about the message, such as who sent it, the software used to compose it, and the email servers that it passed through on its way to the recipient. Most of the time, only an administrator will need to view internet headers for a message. If you want to add a header to your email message, see Apply stationery, backgrounds, or themes to email messages.

Some senders use spoofing to disguise their email address. By checking the header, you can find out if the email address is different than it appears, and add it to your blocked senders list.

In addition, you can use the Report Message add-in. The Report Message add-in works with Outlook to allow you to report suspicious messages to Microsoft as well as manage how your Microsoft 365 email account treats these messages. 

Messages that your Microsoft 365 email account marks as junk are automatically moved to your Junk Email folder. However, spammers and phishing attempts are continually evolving. If you receive a junk email in your inbox, you can use the Report Message add-in to send the message to Microsoft to help us improve our spam filters. If you find an email in your Junk Email folder that's not spam, you can use the Report Message add-in to mark it as a legitimate email, move the message to your Inbox, and report the false positive to help Microsoft improve our spam filters. 

 

Feel free to reply if you have other concerns.

Best regards,

Yuhao Li| Microsoft Community Support Specialist

9 people found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

 
 

Question Info

Last updated May 2, 2024 Views 8,621 Applies to: