PLAY PODCASTS
How to Strengthen M365 Exchange Online Configurations with Kevin Klingbile
Episode 5

How to Strengthen M365 Exchange Online Configurations with Kevin Klingbile

Antisyphon Training Anticasts

February 5, 20261h 6m

Audio is streamed directly from the publisher (media.transistor.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode pageView transcriptChapters

Show Notes

Summary
When was the last time you reviewed the security of your mail flow rules?

Join instructor Kevin Klingbile to learn how attackers exploit weak mail flow rules and how to stop them.

Kevin will teach you through real-world examples of rule bypasses, show you how to spot risky configurations, and teach practical steps to secure your email environment.

In this free one-hour Antisyphon Anti-cast, you'll strengthen your defenses and make sure your mail flow rules aren’t the next easy target.

🛝 Webcast Slides:
https://www.antisyphontraining.com/wp-content/uploads/2026/02/strengthen-m365-configs-kevin-klingbile.pdf

✏️ Antisyphon Training with Kevin:
https://www.antisyphontraining.com/product/defending-m365-azure-with-kevin-klingbile/

Chapters

  • (00:00) - Intro – How to Strengthen M365 Exchange Online Configurations with Kevin Klingbile
  • (01:12) - Excahnge Online
  • (03:47) - Exchange Mail Flow Rules
  • (04:20) - Rule Requirements - Conditions
  • (08:36) - Rule Settings
  • (12:15) - Rule Flow
  • (18:34) - Creating “Good” Rules
  • (25:22) - Rule Example - Conditions vs Description
  • (28:29) - Rule Function - Message Sent to Organization
  • (29:39) - Reply to email chain and...
  • (30:56) - Microsoft’s Solution! (Sort of)
  • (32:10) - Mail Rule vs Disclaimer
  • (32:20) - Modify Original Rule
  • (33:03) - New message “Bypassing” Subject Rule
  • (35:03) - Common Rule Issues
  • (41:44) - Phishing Products
  • (42:39) - X-Header Bypass Examples
  • (42:53) - X-Header Example - 2
  • (43:46) - Direct Send
  • (45:50) - Direct Send - Transport Rules
  • (46:52) - Disable Direct Send**
  • (47:58) - DMARC
  • (48:26) - Securing Exchange Online
  • (48:59) - Q&A Start
  • (57:46) - Other Antisyphon Events
  • (01:05:35) - Final Thoughts

Creators & Guests
Chat with your fellow attendees in the BHIS Discord server:
https://discord.gg/bhis
in the #🔴live-chat channel

Click here to watch a video of this episode.

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits –
https://poweredbybhis.com

Brought to you by:

Black Hills Information Security 

https://www.blackhillsinfosec.com


Antisyphon Training

https://www.antisyphontraining.com/


Active Countermeasures

https://www.activecountermeasures.com


Wild West Hackin Fest

https://wildwesthackinfest.com

Click here to view the episode transcript.

← All episodes of Antisyphon Training Anticasts