We are seeing new email notifications for security notices on login from RingCentral being sent "from" the user's email address on behalf of / via Ringcentral. In other words, if my user's email account is UserEmail@notifyemail.com - then RingCentral sends login security notices with a from address of "Ringcentral via UserEmail@notifyemail.com" with a reply-to address of firstname.lastname@example.org. Because RingCentral is using the actual email address of the person to send email notifications, if the person is using Office 365 with an spf record, the email notification is dropped by Microsoft as being a threat / spammer. You should not be spoofing email addresses of your users as the from address. If you do this, we would need to add your mail servers' to the user's mail server spf record. Please advise. We are also escalating this with tier 2 RingCentral support.