Forum Discussion
Auto forwarding emails treating emails as spoofed
AndresGorzelany, On further research I found that all these auto-forwarded emails are stamped an attribute Authentication-Results-Original: CompamyB.com. I created a Transport rule to set the SCL value as -1 if this attribute is found in Email-Headers and its working now, however I don't think its an appropriate solution because we are skipping the spam filtering and ATP in this workaround. Other solutions would be appreciated.
AndresGorzelany, The forwarded emails are reaching well to on company A's EOP. However they are getting quarantined and being treated as spoofed on company A. (Since the sender is also from A and through email forwarding its routed back to A organization). Below diagram would explain it better. Is there any workaround of this.
Take a look at this https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/tenant-allow-block-list?view=o365-worldwide#use-the-microsoft-365-defender-portal-to-create-allow-or-block-spoofed-sender-entries-in-the-tenant-allowblock-list and see if this could apply to your scenario.
I'll try to do some tests too.
AndresGorzelany, On further research I found that all these auto-forwarded emails are stamped an attribute Authentication-Results-Original: CompamyB.com. I created a Transport rule to set the SCL value as -1 if this attribute is found in Email-Headers and its working now, however I don't think its an appropriate solution because we are skipping the spam filtering and ATP in this workaround. Other solutions would be appreciated.
- Could you avoid forwarding by assigning the alias address bob@b.com to bob@a.com?
