Forum Discussion

Dan Genel's avatar
Dan Genel
Brass Contributor
Apr 03, 2019

Ignoring SPF & DMARC failures

One or our external website pages is used to submit content and leverages SendMail to route to internal team members.      We use the submitter's email address as the from address, and not surprisi...
exchange online
office 365
outlook
VasilMichev's avatar
VasilMichev
MVP
Apr 03, 2019

Apart from adjusting the SPF record you mean? You can whitelist the sending IPs, which I imagine might be a lot (or might change in the future). Or you can create a transport rule based on some other criteria that helps you identify those messages, and set the action to bypass spam filtering.

  • Dan Genel's avatar
    Dan Genel
    Brass Contributor
    Apr 04, 2019

    VasilMichev - I can't update the SPF list - as it's each domain's SPF record that would have to be adjusted - .e.g if someone from Microsoft submits something, the Microsoft SPF record would have to allow sending from my IP address.   

     

    I should have mentioned that I do already have a transport rule that sets the SCL level of any message sent to the shared email address to -1.   

     

    Is there anything else that I can do to ensure deliver even if the SPF/DMARC checks fail?   Will a SCL of -1 ensure that all email is delivered in this situation?

     

    Thanks.

    • VasilMichev's avatar
      VasilMichev
      MVP
      Apr 04, 2019

      That rule should be sufficient, as long as it actually captures all messages sent this way.

Resources