Hello guys,

I have three questions for you that I am unsure about and hoping that someone 
at Microsoft will be able to help:

First two questions are related to Mimecast acting as inbound security gateway 
to O365:

1. When Mimecast acts as inbound gateway solution and it receives an email, it 
does DMARC checks and lets the email through to O365 environment. Even if an 
email passes DMARC checks at Mimecast and the email is let through, then O365 
also seems to also be doing DMARC checks but both SPF and DKIM fail because of 
the change that Mimecast does. As a results DMARC fails. My questions is, what 
is the best practice here in this scenario? Is there a way to turn off DMARC 
checks at O365? Mimecast suggest that it is whitelisted in O365 but that means 
that all the spam will be let through as well.

2. Would O365 send DMARC reports back to the sender in the above case? And, if 
O365 sends DMARC reports back to the sender then emails will be shown as 
originating from Mimecast but failing DMARC.

3. Would O365 do DMARC checks for internal emails ie. O365 tenant employee to 
another O365 tenant employee? And would it send DMARC reports in this case?

dmarc-discuss mailing list

NOTE: Participating in this list means you agree to the DMARC Note Well terms 

Reply via email to