Score:0

DMARC report with passing O365 DKIM signature being sent by Google server

in flag

The dmarc report values are as follows:

dkim_domain : mydomain.onmicrosoft.com
dkim_result : pass
selector : selector1-mydomain-onmicrosoft-com
header_from : mydomain
spf_domain : mydomain
spf_result : fail
source_ip : 209.85.219.70   (this is a Google mail server)
org_name : google.com    

So, we have a message that was signed by O365, but is being sent by a Google server, and the receiving Google server is reporting it as a SPF violation. How does this happen? Is there anything to be done about it?

Thank you.

Score:2
jp flag

This is probably a forwarded message. SPF does not survive forwarding and, therefore, any mail forwarding service should rewrite the envelope sender. That will break the DMARC alignment through SPF, but a message signed with DKIM should be enough to provide proper alignment.

in flag
Thank you. That is what I had concluded as well.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.