Forum Discussion
Eagle3386
Nov 06, 2023Copper Contributor
Enterprise Outlook: SPF passes, DKIM fails, but _any_ other mail provider passes both!?
Hey, guys!
I'm the owner & operator of a server which is also used for sending e-mails.
While each & every other e-mail provider I know off succeeds in receiving mails, Enterprise Outlook customers fail to do so, moving mails from my server into their spam folders (or "Junk E-Mail" as Microsoft calls it) - which happens, because SPF validation succeeds, but DKIM fails.
However, all my relevant DNS records (SPF, DKIM & DMARC) are not only valid, but any other provider (GMail, Yahoo, etc.) report that valid state back to me everytime.
Additionally, online DKIM validators & even tools suites like mailhardener.com, report 100% conformity of my DNS records as well as my mail server's configuration with SPF, DKIM & DMARC configuration rules.
Now, while Microsoft sends out "DMARC Aggregate Report" mails, the mentioned feedback address, dmarcreportfeedback [-AT-] microsoft [-DOT-] com, neither accepts mails (always reports "550 5.4.1 Recipient address rejected: Access denied.") nor does feedback every get a reply.
Furthermore, the mentioned DMARC report from Microsoft fails to comply with yet another DMARC standard's request for providing a reason upon validation failure.
All I got was this XML, contained within the report's attached GZ archive:
<?xml version="1.0"?>
<feedback xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<version>1.0</version>
<report_metadata>
<org_name>Enterprise Outlook</org_name>
<email>email address removed for privacy reasons</email>
<report_id>75a8c8cfaf9845c38eb6f1f1a726121e</report_id>
<date_range>
<begin>1698796800</begin>
<end>1698883200</end>
</date_range>
</report_metadata>
<policy_published>
<domain>REMOVED4PRIVACY</domain>
<adkim>r</adkim>
<aspf>r</aspf>
<p>reject</p>
<sp>reject</sp>
<pct>100</pct>
<fo>1</fo>
</policy_published>
<record>
<row>
<source_ip>REMOVED4PRIVACY</source_ip>
<count>1</count>
<policy_evaluated>
<disposition>none</disposition>
<dkim>fail</dkim>
<spf>pass</spf>
</policy_evaluated>
</row>
<identifiers>
<envelope_to>REMOVED4PRIVACY</envelope_to>
<envelope_from>REMOVED4PRIVACY</envelope_from>
<header_from>REMOVED4PRIVACY</header_from>
</identifiers>
<auth_results>
<dkim>
<domain>REMOVED4PRIVACY</domain>
<selector>REMOVED4PRIVACY</selector>
<result>fail</result>
</dkim>
<spf>
<domain>REMOVED4PRIVACY</domain>
<scope>mfrom</scope>
<result>pass</result>
</spf>
</auth_results>
</record>
</feedback>
Please, any help for resolving this issue would be greatly appreciated!
- Tube76Copper ContributorHave you found the reason? I'm having the exact same issue at the moment, no idea what is causing this to happen.
- Eagle3386Copper Contributor
- hortos152Copper Contributor
Have you found out what the problem was? Having the same issue...
- Eagle3386Copper Contributor
hortos152Sorry for the late reply, didn't receive that email.. 😅
Nope, after I received this email:Hello,Thank you for contacting the Outlook.com Deliverability Support Team.As mentioned in the error, were you able to delist your IP address by going to https://sender.office.com and following the on-screen instructions?Also. I do not see anything offhand with the IP’s (xxx.xxx.xxx.xxx) that would be preventing your mail from reaching our customers.[…]the error "magically" disappeared.. 🤔🙈