[dmarc-discuss] DMARC configuration when using spam solution in Front of O365

John Mears John_Mears at symantec.com
Wed Apr 6 08:14:31 PDT 2016


Broadly speaking, you need to do this:

* Make sure SPF passes for your outbound email. That means you need to advertise an SPF record for your sending domain in DNS, which includes spf.messagelabs.com.
* Configure O365 to DKIM sign outbound emails for your sending domain.
* Make sure the Symantec.cloud service is configured not to modify outbound emails by adding disclaimers or tagging the subject line. That would break the DKIM signature.

Email me privately if you would like more assistance with this.

John



From: dmarc-discuss [mailto:dmarc-discuss-bounces at dmarc.org] On Behalf Of Duggan, Anita via dmarc-discuss
Sent: 04 April 2016 14:11
To: Maarten Oelering
Cc: dmarc-discuss at dmarc.org
Subject: Re: [dmarc-discuss] DMARC configuration when using spam solution in Front of O365

Have attached the results from an email that is in the DMARC mail box that we set up to track messages.  We currently have set p=none as we review the mail being captured

This email is from (Timzone.com) which is another O365 tenant that we own, it has SPF records but no DKIM or DMARC.   All of their inbound and outbound mail also flows through Symantec.cloud.  Timzone.com still has their disclaimer being applied by Symantec.   

RBI.com also has all emails go through Symantc.cloud but  Dmarc and Dkim have been applied on O365, the disclaimer is on O365.

Thanks for your assistance.

Anita   



From: Maarten Oelering [mailto:maarten at postmastery.net] 
Sent: Saturday, April 02, 2016 3:23 AM
To: Duggan, Anita <aduggan at rbi.com>
Cc: dmarc-discuss at dmarc.org
Subject: Re: [dmarc-discuss] DMARC configuration when using spam solution in Front of O365

If you can share the full email header of a test mail as it is received, that would help. For example from a Gmail account. Based on that it's easy to check SPF/DKIM validation, alignment, etc. You can also use a service like emailaudit.com to check all DMARC prerequisites.

Maarten
Postmastery

On Friday, 1 April 2016, Duggan, Anita via dmarc-discuss <dmarc-discuss at dmarc.org> wrote:
Good Morning,
 
We are in the process of setting up DKIM and DMARC for our domains.   Our inbound and outbound email flow goes from O365 to a spam provider and then to the internet and vice versa.   We have implemented DKIM / DMARC on O365, using the 2 cname records, and have DMARC set to take no action at this time.  However, I am unclear what action needs to be taken to address that the last hop before our mail goes out to the internet is our spam provider.  Any assistance would be greatly appreciated
 
 
Thanks,
 
ADuggan 
aduggan at rbi.com
 
The information contained in this message may be proprietary, confidential or trade secret and may be legally privileged. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, dissemination, disclosure or reproduction is strictly prohibited and may be a violation of law. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message. 

Les renseignements contenus dans ce message peuvent être de propriété exclusive, de nature privilégiée, confidentiels ou relever du secret commercial. Ce message est strictement réservé à l’usage de son ou ses destinataires. Si vous n’êtes pas le destinataire prévu, vous êtes, par la présente, informé que toute utilisation, distribution, divulgation ou reproduction est strictement interdite et peut constituer une infraction à la loi. Si vous n’êtes pas le destinataire prévu, veuillez communiquer avec l’expéditeur par courriel et détruire tous les exemplaires du message original. 
The information contained in this message may be proprietary, confidential or trade secret and may be legally privileged. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, dissemination, disclosure or reproduction is strictly prohibited and may be a violation of law. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message. 

Les renseignements contenus dans ce message peuvent être de propriété exclusive, de nature privilégiée, confidentiels ou relever du secret commercial. Ce message est strictement réservé à l’usage de son ou ses destinataires. Si vous n’êtes pas le destinataire prévu, vous êtes, par la présente, informé que toute utilisation, distribution, divulgation ou reproduction est strictement interdite et peut constituer une infraction à la loi. Si vous n’êtes pas le destinataire prévu, veuillez communiquer avec l’expéditeur par courriel et détruire tous les exemplaires du message original. 



More information about the dmarc-discuss mailing list