We are seeing DMARC Failure reports from LinkedIn when they receive an Automatic Reply from an Office 365 user.
It seems to fail DKIM and therefore DMARC but if I turn on Automatic Replies and send a test from an external sender such as Gmail, I can't replicate the issue. SPF, DKIM and therefore DMARC all 'PASS'.
Does anyone know why the LinkedIn emails are affected?
These emails are sent by the Mailbox Rules Agent and I note that the Return-Path/MAIL FROM field are blank. Others have mentioned this being a cause, but I'm not so sure.
I am having this issue myself with our custom O365 domain. SPF and DKIM setup and working. However this problem only seems to be reported back from LinkedIn. It was a bounce back from a member of staff who no longer exists in our domain.
Looking at the email headers it comes back as 'SPF Alignment failed' and 'DKIM-Signature Body Hash Not Verified'
The error advice says 'Add dkim monitor for yourdomain.com:selector1' which I assume is the DNS entry. Which is already in our DNS as it was setup as per the instructions for Exchange Online.