The Hidden Risk Of Microsoft Direct Send: Why You Need A Secure Email Relay
Proofpoint, Thursday, October 16th, 2025
Microsoft Direct Send is a method in Microsoft 365's Exchange Online service that allows devices, applications, or on-premises systems to send email through Microsoft's Exchange Online servers without using a user mailbox or credentials.
It's commonly used when email needs to be sent from devices or apps that don't support authentication in the standard way. While this can simplify setup for scanners, printers, and line-of-business apps, it also introduces potential security risks.
The problem with Direct Send
Direct Send uses Microsoft's mail servers (SMTP) to send messages without authentication. This makes setup simple, but it also creates significant risks. Without authentication, anyone can spoof your domain and send mail through Microsoft's infrastructure. Messages sent this way often appear to your internal users as trusted, since they originate from Microsoft servers, giving attackers an easy way to bypass suspicion. As a result, phishing and fraud campaigns can be launched without ever compromising a legitimate account.