Direct Send is a Microsoft 365 mail-flow method that lets devices and applications send unauthenticated email directly to mailboxes inside a tenant. Microsoft built it so printers, scanners, and line-of-business systems could email scanned documents and notifications to employees without managing credentials. Direct Send requires no licensed mailbox and no authentication. Any system that can reach the tenant's MX endpoint over TCP port 25 can deliver mail using any sender address on the organization's accepted domains.
That combination of properties makes Direct Send useful for legacy hardware and dangerous in the wrong hands. Microsoft's own guidance now states that most customers don't need Direct Send and recommends it only for organizations prepared to manage the risks of running an unauthenticated mail path.
Attackers abuse Direct Send by sending phishing email to a tenant's MX endpoint with a spoofed sender address on the organization's own domain. No account is compromised and no credential is stolen. The message simply claims to be from an internal sender, and Direct Send accepts it.
The technique supports email spoofing at bulk scale. Campaigns observed in the wild deliver invoice lures, voicemail notifications, and document-share phishing that appear to come from colleagues or affiliated brands. Because the messages carry no malware signature and often no known-bad URL at send time, content scanning has little to block, and the internal-looking sender address defeats the "check the sender" advice most users have been taught.
Exchange Online administrators can check Direct Send exposure with one command. Run Get-OrganizationConfig | Select RejectDirectSend in Exchange Online PowerShell. A value of False, the default, means the tenant still accepts unauthenticated Direct Send mail.
Microsoft introduced the tenant-level RejectDirectSend setting in 2025. Enabling it with Set-OrganizationConfig -RejectDirectSend $true rejects unauthenticated Direct Send messages with the SMTP error 550 5.7.68. Before enabling rejection, inventory the printers, scanners, and applications that send mail into the tenant and migrate them to authenticated SMTP submission or a certificate-based connector, both of which preserve device mail without the open path.
Rejecting Direct Send closes the unauthenticated path, and SPF plus DMARC enforcement makes the surviving spoofing routes harder to use. The remaining gap is behavioral. Mail that impersonates an internal or supplier identity while arriving from infrastructure that identity has never used is the signature Direct Send abuse leaves behind, and it is the kind of anomaly behavioral AI analysis detects when content inspection has nothing to flag.
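The sender-versus-infrastructure check described above, as an added example that is not part of the original page or of any product: it baselines which networks each sender address has used and reports messages that break the pattern. The accepted domain, the addresses and IPs, the `authenticated` field, and the /24 granularity are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

ACCEPTED_DOMAINS = {"example.com"}  # assumption: the tenant's accepted domains
PREFIX = 24  # assumption: an IPv4 /24 counts as "the same infrastructure"

# Constructed history of (From address, connecting IP) for mail known to be legitimate.
HISTORY = [
    ("alice@example.com", "198.51.100.10"),
    ("scanner@example.com", "192.0.2.25"),
    ("billing@supplier.example", "203.0.113.5"),
]

# Constructed inbound messages; "authenticated" is a hypothetical field meaning
# the submission was authenticated or attributed to a connector.
INBOUND = [
    {"from": "alice@example.com", "ip": "203.0.113.200", "authenticated": False},
    {"from": "scanner@example.com", "ip": "192.0.2.40", "authenticated": False},
    {"from": "billing@supplier.example", "ip": "198.51.100.9", "authenticated": True},
    {"from": "alice@example.com", "ip": "198.51.100.77", "authenticated": True},
]

def network_of(ip):
    return ipaddress.ip_network(f"{ip}/{PREFIX}", strict=False)

def build_baseline(history):
    """Map each sender address to the set of networks it has sent from."""
    baseline = defaultdict(set)
    for sender, ip in history:
        baseline[sender.lower()].add(network_of(ip))
    return baseline

def assess(msg, baseline):
    """Return the anomaly reasons for one message (empty list = nothing to report)."""
    sender = msg["from"].lower()
    domain = sender.rsplit("@", 1)[-1]
    reasons = []
    if network_of(msg["ip"]) not in baseline.get(sender, set()):
        reasons.append("source network never used by this sender")
    if domain in ACCEPTED_DOMAINS and not msg["authenticated"]:
        reasons.append("internal From on unauthenticated mail")
    return reasons

def triage(messages, history):
    baseline = build_baseline(history)
    return [(m["from"], m["ip"], assess(m, baseline)) for m in messages]

if __name__ == "__main__":
    for sender, ip, reasons in triage(INBOUND, HISTORY):
        print(sender, ip, reasons or "ok")
```

The scanner message raises only one reason because it comes from its usual network, which is the kind of device the inventory step is meant to find before rejection is enabled.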