Our Splunk email alerts are being sent without a Sender (see below screenshot, "Afzender" is sender), resulting in them being quarantined by Office 365.
I tried the following actions but these did not fix the problem, sender is still seen by Office 365 as "<>":
Putting an email address in the "Send emails as" form on the server settings > email settings page
Putting "Splunk" in the "Send emails as" form on the server settings > email settings page
Edited alert_actions.conf to "from = mail username" and "hostname = mail" domain name, based on a Splunk forum post I found.
When I release the quarantined email within Office365 the alert email sender is shown in my Outlook Inbox as "(splunk via SERVERHOST)splunk". SERVERHOST is the server hostname but I can't post that in this example due to security concerns. This sender name also does not change within Outlook when changing this in alert_actions.conf / email settings within Splunk.
Mail server settings in server settings > email settings (anonymized):
Mail host: mail hosting server
Email security: none
I tried looking for other solutions in this forum but these are all I could find. If anybody can point me in the right direction / knows how to fix this that would be greatly appreciated 🙂