Broadly speaking, you need to do this: * Make sure SPF passes for your outbound email. That means you need to advertise an SPF record for your sending domain in DNS, which includes spf.messagelabs.com. * Configure O365 to DKIM sign outbound emails for your sending domain. * Make sure the Symantec.cloud service is configured not to modify outbound emails by adding disclaimers or tagging the subject line. That would break the DKIM signature.
Email me privately if you would like more assistance with this. John From: dmarc-discuss [mailto:[email protected]] On Behalf Of Duggan, Anita via dmarc-discuss Sent: 04 April 2016 14:11 To: Maarten Oelering Cc: [email protected] Subject: Re: [dmarc-discuss] DMARC configuration when using spam solution in Front of O365 Have attached the results from an email that is in the DMARC mail box that we set up to track messages. We currently have set p=none as we review the mail being captured This email is from (Timzone.com) which is another O365 tenant that we own, it has SPF records but no DKIM or DMARC. All of their inbound and outbound mail also flows through Symantec.cloud. Timzone.com still has their disclaimer being applied by Symantec. RBI.com also has all emails go through Symantc.cloud but Dmarc and Dkim have been applied on O365, the disclaimer is on O365. Thanks for your assistance. Anita From: Maarten Oelering [mailto:[email protected]] Sent: Saturday, April 02, 2016 3:23 AM To: Duggan, Anita <[email protected]> Cc: [email protected] Subject: Re: [dmarc-discuss] DMARC configuration when using spam solution in Front of O365 If you can share the full email header of a test mail as it is received, that would help. For example from a Gmail account. Based on that it's easy to check SPF/DKIM validation, alignment, etc. You can also use a service like emailaudit.com to check all DMARC prerequisites. Maarten Postmastery On Friday, 1 April 2016, Duggan, Anita via dmarc-discuss <[email protected]> wrote: Good Morning, We are in the process of setting up DKIM and DMARC for our domains. Our inbound and outbound email flow goes from O365 to a spam provider and then to the internet and vice versa. We have implemented DKIM / DMARC on O365, using the 2 cname records, and have DMARC set to take no action at this time. However, I am unclear what action needs to be taken to address that the last hop before our mail goes out to the internet is our spam provider. Any assistance would be greatly appreciated Thanks, ADuggan [email protected] The information contained in this message may be proprietary, confidential or trade secret and may be legally privileged. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, dissemination, disclosure or reproduction is strictly prohibited and may be a violation of law. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message. Les renseignements contenus dans ce message peuvent être de propriété exclusive, de nature privilégiée, confidentiels ou relever du secret commercial. Ce message est strictement réservé à l’usage de son ou ses destinataires. Si vous n’êtes pas le destinataire prévu, vous êtes, par la présente, informé que toute utilisation, distribution, divulgation ou reproduction est strictement interdite et peut constituer une infraction à la loi. Si vous n’êtes pas le destinataire prévu, veuillez communiquer avec l’expéditeur par courriel et détruire tous les exemplaires du message original. The information contained in this message may be proprietary, confidential or trade secret and may be legally privileged. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, dissemination, disclosure or reproduction is strictly prohibited and may be a violation of law. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message. Les renseignements contenus dans ce message peuvent être de propriété exclusive, de nature privilégiée, confidentiels ou relever du secret commercial. Ce message est strictement réservé à l’usage de son ou ses destinataires. Si vous n’êtes pas le destinataire prévu, vous êtes, par la présente, informé que toute utilisation, distribution, divulgation ou reproduction est strictement interdite et peut constituer une infraction à la loi. Si vous n’êtes pas le destinataire prévu, veuillez communiquer avec l’expéditeur par courriel et détruire tous les exemplaires du message original. _______________________________________________ dmarc-discuss mailing list [email protected] http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
