Skip to main content
adem_netsys
adem_netsys
Explorer III
August 17, 2025
Question

Phishing Scenario

  • August 17, 2025
  • 2 replies
  • 892 views

Hello,

 

We have a phishing scenario on Exchange and we use local Exchange. However, in the new scenario, O365 has been added and some emails are being moved here. In the new environment, some emails are on Exchange and some on O365. How can we use the two environments in the same scenario and how can we tell which server the incoming mail is from?

    2 replies

    anarula
    Staff
    anarula
    Staff
    August 18, 2025

    @adem_netsys , try comparing the headers of sample email from both servers. I would guess the incoming paths would be different.

      adem_netsys
      adem_netsysAuthor
      Explorer III
      August 20, 2025

      @anarula How can we do this, have you tried before?

      anarula
      Staff
      anarula
      Staff
      August 20, 2025

      @adem_netsys , can you share the headers from 2 samples (one from O365, and other from Exchange Server)

        adem_netsys
        adem_netsysAuthor
        Explorer III
        August 26, 2025

        Actually, I don't think it is very important what the two headers are here. It could be what you think as an example.

        Terms & ConditionsAccessibility statement