Forum Discussion
Solved
DMARC, DKIM, SPF none but Composite authentication pass
Hi all, I have a email where DMARC, DKIM, SPF are marked as None, but still Composite authentication as passed. How can this be since the info of the composite authentication says: Combines multi...
According to MS docs -> If a domain doesn't have traditional SPF, DKIM, and DMARC records, those record checks don't communicate enough authentication status information. Therefore, Microsoft has developed an algorithm for implicit email authentication. This algorithm combines multiple signals into a single value called composite authentication, or compauth for short.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/email-validation-and-authentication?view=o365-worldwide#composite-authentication
Composite authentication result. Used by Microsoft 365 to combine multiple types of authentication such as SPF, DKIM, DMARC, or any other part of the message to determine whether or not the message is authenticated. Uses the From: domain as the basis of evaluation.
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-spam-message-headers?view=o365-worldwide#authentication-results-message-header-fields
well also check the FROM header of the email, I guess MS needs to disclose the other parts of the message.cheers mate
If you haven't configured SPF, DKIM, and DMARC for your domain, Microsoft will handle it by applying the composite authentication or compauth for your domain. But, they recommend us to configure these authentication methods manually for each custom domains. Check out what to implement for your domain below.
https://blog.admindroid.com/a-guide-to-spf-dkim-and-dmarc-to-prevent-spoofing/
https://blog.admindroid.com/a-guide-to-spf-dkim-and-dmarc-to-prevent-spoofing/