This article describes how Office 365 mitigates against phishing attacks that uses forged sender domains, that is, domains that are spoofed. It accomplishes this by analyzing the messages and blocking the ones that can be authenticated neithe by using standard email authentication methods, nor other sender reputation techniques. This change is being implemented to reduce the number of phishing attacks organizations in Office 365 are exposed to.
— Read on docs.microsoft.com/en-us/office365/securitycompliance/anti-spoofing-protection