Michael - Thank you for sharing this! Inky, for example, includes an external notification in the email body. However, we have never received a rejection notification for emails that failed DMARC. We suspect that some emails sent to M365 users registered through GoDaddy with Proofpoint add-on are still being delivered, as we receive replies from them despite having DMARC set to "reject". I spoke with someone at Inky who confirmed that the DMARC policy is being applied to emails, but they did not confirm whether those emails are being blocked when passing through their system.
Wow!!!! Comments is the solution... for those living 40 years ago... On Fri, Aug 23, 2024 at 11:24 PM Michael Wise <michael.w...@microsoft.com> wrote: > > > If the traffic passes thru a filtering gateway in front of the recipient > server, SPF will fail. > > Also, if that gateway modified the Subject, From, or prepends a message > about it being, “External” in the body of the message, then DKIM will fail. > > And in either of the above, DMARC will almost certainly fail. > > > > Long ago, there was a solution put into RFC 822 (yes, ever since then) > that would solve this problem at least for the DKIM case, but (almost) > nobody uses it. > > > > I refer, of course (?) to the Comments header. > > > > > > Aloha, > > Michael. > > -- > > *Michael J Wise* > Microsoft Corporation| Spam Analysis > > "Your Spam Specimen Has Been Processed." > > Open a ticket for Hotmail <http://go.microsoft.com/fwlink/?LinkID=614866> > ? > > > > *From:* mailop <mailop-boun...@mailop.org> *On Behalf Of *Alex Shakhov > via mailop > *Sent:* Friday, August 23, 2024 1:35 PM > *To:* mailop@mailop.org > *Subject:* [EXTERNAL] [mailop] DMARC p=reject Interaction with security > gateways > > > > Hello - We are currently managing several domains that are experiencing > spoofing attacks, which led us to implement a p=reject policy. We monitor > these domains through Uriports, and while all DKIM/SPF validations pass, > exceptions arise with emails routed through security providers such as > Cloudflare, Proofpoint, Mimecast, Inky, and others. > > Is the "reject" disposition simply noise that can be disregarded, with > 100% of these emails still being delivered due to the application of the > ARC policy? Or do these emails fail to reach their final destination? > > Any guidance on this would be greatly appreciated! >
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
