We are happy to introduce “M365 Direct Delivery”, a new method of delivering campaign emails to the users for M365!!

M365 Direct Delivery bypasses the Microsoft spam checks and other filtering mechanisms. It injects the emails directly into the recipients' inboxes through Microsoft's Graph APIs. With M365 Direct Delivery, you no longer need to add Phish Threat domains and IP addresses to Microsoft's exception list. This not only simplifies the configuration process but also significantly improves email deliverability.

To activate M365 Direct Delivery, you'll need to complete a one-time setup. We've introduced a new settings page where you can view all the verified domains.

To establish the required configuration in your M365, you’ll have to generate a credential and grant the necessary permissions.

This will direct you to Microsoft’s authentication flow. You’ll be prompted to grant the permissions for creating an app and integration. Once you create the credential and enable it, M365 Direct Delivery will be activated for the domain.

If you have multiple domains: Please note that once the credential is created and enabled, it can be utilized across all domains within the same M365 tenant. This simplifies the process of enabling Direct Delivery for additional domains significantly. You’ll just select the same credential and enable it for each domain, without having to repeat the Microsoft authentication process.

For further details, refer to the updated documentation here: https://docs.sophos.com/central/customer/help/en-us/ManageYourProducts/PhishThreat/SystemSettings/PTM365DirectDelivery/index.html