Forum Discussion
Authentication-Results-Original email header
Thank you LeonPavesic for your reply. However, I'm trying to find out why this issue is happening.
I set up SPF, DKIM and DMARC correctly but for some reason the two headers I added above are adding to my emails making SPF and DKIM fail depending what header is read.
When I analyse headers with MSToolbox, it shows valid SPF and DKIM but it shows as SPF none and DKIM none when I check on MS365 Defender > Explorer (see attachment)
Hi cristinapalomino,
thanks for your update and the screenshot.
The image you sent shows that your email is failing DMARC validation. This is likely because your tenant's DMARC policy is set to p=reject and your domain does not pass DMARC verification.
There are two things you can do to fix this problem:
- Ensure that your domain passes DMARC verification. You can do this by checking your SPF and DKIM records and making sure that they are correctly configured. You can also use a tool like the Microsoft DMARC Record Generator to create a DMARC record for your domain.
- Change your tenant's DMARC policy to p=quarantine. This will prevent your emails from being rejected, but they will still be quarantined and reviewed by Microsoft.
The articles Authenticate Outbound Email to Improve Deliverability - Microsoft Community Hub and Announcing New DMARC Policy Handling Defaults for Enhanced Email Security - Microsoft Community Hub state that Microsoft has rolled-out out new DMARC policy handling defaults to enhance email security. With the new policy, Microsoft will now reject emails that fail DMARC validation if the sender's policy is set to p=reject or p=quarantine.
This means that if you do not fix the problem with your DMARC validation, your emails will be rejected by Microsoft.
I recommend that you fix the problem with your DMARC validation as soon as possible. This will help to ensure that your emails are delivered to your recipients.
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.
If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic (
LinkedIn)
- cristinapalominoOct 16, 2023Copper Contributor
Hi, thank you again LeonPavesic
I've checked SPF, DKIM and DMARC config and everything is correct. I've added the results from mxtoolbox analyse header, my domain as you can see pass SPF, DKIM and DMARC. However it doesn't when I check on MS Defender, as shown in the screenshot I attached earlier.
Comparing a few email headers, it looks like MS Defender was taking results from ''Authentication-Results-Original" rather than from "Authentication-Results"
- BroBias7Nov 29, 2023Copper ContributorFinally, a really professional answer would be required instead of pushing standard HowTos to hunt for community achievements ..... and silence.
What a shame.