DMARC failure on forwarded SharePoint Online emails

Copper Contributor



I have a number of Exchange Online mailboxes set to forward to different Gmail and addresses via mail flow configuration. 


From Monday (08/10/2018), all forwarded mail from (the default from-address of SharePoint Online used for alerts and workflow email) has ended up in the spam/junk folder of the recipient account.


It appears that the forwarded mails are failing DMARC so are being quarantined by the recipient mailbox.



Authentication-Results: spf=pass (sender IP is;; dkim=pass (signature was
verified);; dmarc=fail

Received-SPF: Pass ( domain of
designates as permitted sender); client-ip=;;

The way I understand it, DKIM and SPF are passing but DMARC is failing because the header.d address does not match the header.from address.


Is that about right? Is there any way around this?


I understand that I need to add a DKIM record for to my domain but I'm just using the default mytenant.onmicrosoft domain. I'm not using a custom domain. Surely Microsoft should have configured this already?


Thanks for any help.

0 Replies