A significant vulnerability termed "Ghost-Sender" in Microsoft Exchange allows attackers to spoof any email address, enabling them to send emails as any user within vulnerable organizations. The flaw specifically affects organizations using Exchange Online or hybrid configurations with a third-party mail server. Even if SPF, DKIM, and DMARC policies are in place, spoofed emails are delivered without warning. Solutions include adjusting mail flow rules or creating a partner organization connector to mitigate the risk. Despite reports to Microsoft, the issue was initially dismissed as a non-vulnerability, causing concern among researchers.
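As an added illustration of the two mitigations named above (not code from the article, Microsoft, or the researchers), the following PowerShell, run in an Exchange Online Management session, creates a restricted partner connector for the third-party mail server and a mail flow rule that rejects external mail claiming an internal sender domain; the domain names and IP addresses are placeholders, not values from the article.

```powershell
# Added example: defensive configuration for an Exchange Online tenant that routes
# inbound mail through a third-party mail server. Domains and IPs below are assumed
# placeholders. Requires the ExchangeOnlineManagement module.
Connect-ExchangeOnline

$ownDomains = @('example.com', 'example.net')      # assumed: the tenant's own accepted domains
$relayIps   = @('203.0.113.10', '203.0.113.11')    # assumed: egress IPs of the third-party mail server

# 1) Partner connector: only trust mail attributed to the third-party server when it
#    actually arrives from that server's IPs, over TLS.
New-InboundConnector -Name 'Third-party relay (restricted)' `
    -ConnectorType Partner `
    -SenderDomains '*' `
    -SenderIPAddresses $relayIps `
    -RestrictDomainsToIPAddresses $true `
    -RequireTls $true

# 2) Mail flow rule: reject mail from outside the organization whose sender address
#    uses one of our own domains, unless it came in through the trusted relay IPs.
#    Start in Audit mode, review the hits, then switch -Mode to Enforce.
New-TransportRule -Name 'Reject external mail claiming internal sender domain' `
    -FromScope NotInOrganization `
    -SenderDomainIs $ownDomains `
    -ExceptIfSenderIpRanges $relayIps `
    -RejectMessageReasonText 'Rejected: external source claiming an internal sender domain.' `
    -RejectMessageEnhancedStatusCode '5.7.1' `
    -Mode Audit

# Confirm the rule exists and note its priority relative to other rules.
Get-TransportRule 'Reject external mail claiming internal sender domain' |
    Format-List Name, State, Mode, Priority
```

Legitimate third parties that send on the organization's behalf (for example a newsletter service) will also match the rule, so add their IPs to the exception list or a separate exception before enforcing.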
Exchange flaw allows email spoofing despite SPF, DKIM, DMARC
Primary source: labs.infoguard.ch
Article by CyberSIXT