Email Security.cloud Infrastructure Maintenance November 22-28, 2025

Broadcom is performing maintenance to the Email Security.cloud service beginning November 22 and ending November 28, 2025.

During this maintenance, Phase 2 of the new Anti-Echo-Spoofing Protection feature will be released. This functionality helps protect customers from attackers who use Microsoft 365 to send spoofed emails that impersonate customer domains and relay the spoofed messages outbound through the Email Security.cloud service.

The Anti-EchoSpoofing service verifies that messages sent from Microsoft 365 tenants originate from an authorized organization. Messages sent from unrecognized or unauthorized tenants can be set to be rejected in the Email Security.cloud email reception phase, thus reducing the risk of domain abuse and phishing. Administrators can view and manage authorized Microsoft 365 tenant identifiers in the Email Security.cloud Outbound Routes configuration for Microsoft 365.

NOTE

During Phase 2, Anti-EchoSpoofing protection will remain in Log-only mode by default to give customers visibility into which domains appear in the Microsoft X-OriginatorOrg headers within their organization. However, Phase 2 also gives customers the option to move to blocking emails with unapproved X-OriginatorOrgs by turning off Log-only mode in the Outbound Routes configuration for Microsoft 365.

Please refer to the release notes for details of the proactive measures and recommendations that we have implemented to combat EchoSpoofing and for details of the Phase 1 release.