DKIM, DMARC and LinkedIn



We are seeing DMARC Failure reports from LinkedIn when they receive an Automatic Reply from an Office 365 user. 

It seems to fail DKIM and therefore DMARC but if I turn on Automatic Replies and send a test from an external sender such as Gmail, I can't replicate the issue. SPF, DKIM and therefore DMARC all 'PASS'. 

Does anyone know why the LinkedIn emails are affected?

These emails are sent by the Mailbox Rules Agent and I note that the Return-Path/MAIL FROM field are blank.  Others have mentioned this being a cause, but I'm not so sure. 


3 Replies
I am having this issue myself with our custom O365 domain. SPF and DKIM setup and working. However this problem only seems to be reported back from LinkedIn. It was a bounce back from a member of staff who no longer exists in our domain.

Looking at the email headers it comes back as 'SPF Alignment failed' and 'DKIM-Signature Body Hash Not Verified'

The error advice says 'Add dkim monitor for' which I assume is the DNS entry. Which is already in our DNS as it was setup as per the instructions for Exchange Online.

Did you get anywhere with this in the end?

Hi Ryan,


I posted a similar question on Spiceworks and received some helpful replies. I can't say I've digested the info yet but this might help you.



Thanks for this, funny enough I posted a comment on this thread too! And like you haven't had chance to sit down and go through it.