Microsoft
Microsoft
MicrosoftDean_Gross a detailed explanation how to check the header regarding trusting ARC config is here Use Trusted ARC senders for legitimate devices and services between the sender and receiver - Office 365 | Microsoft Learn
If there's an ARC seal from a third party before the message reaches Microsoft 365 Defender, check the headers once the email is received and view the latest ARC headers.
In the last ARC-Authentication-Results header, check whether ARC validation is listed as pass.
An ARC header that lists an 'oda' of 1 indicates that previous ARC has been verified, the previous ARC sealer is trusted, and previous pass result can be used to override the current DMARC failure.
An ARC pass header showing oda=1
See the email authentication methods at the end of this header-block for the oda result.
ARC-Authentication-Results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 40.107.65.78) smtp.rcpttodomain=microsoft.com smtp.mailfrom=sampledoamin.onmicrosoft.com; dmarc=bestguesspass action=none header.from=sampledoamin.onmicrosoft.com; dkim=none (message not signed); arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=sampledoamin.onmicrosoft.com] dkim=[1,1,header.d=sampledoamin.onmicrosoft.com] dmarc=[1,1,header.from=sampledoamin.onmicrosoft.com])