cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

NDR and failed forward

Forrest Hoffman
Steel Contributor

‎Jun 24 2020 02:02 PM

‎Jun 24 2020 02:02 PM

NDR and failed forward

Getting lots of failed e-mail from the no-reply@sharepointonline.com .

We have SharePoint Lists that generate notifications when items are changed as part of Employee notifications.

Seems to be mostly from the mail forwards some of our staff have set up going to Yahoo and other organizations. I believe that it is related to improper DMARC or DKIM records.

According to the Microsoft Roadmap there are changes coming to change the sender ID BUT it will not be enabled for Legacy SharePoint which is what we have.

Does anyone have any ideas on how to get the notifications from SharePoint to flow without being rejected by other recipient orgs?

Labels:
4,796 Views
0 Likes
3 Replies
Reply
3 Replies
BemmelenPatrick

‎Jun 25 2020 11:36 PM - edited ‎Jun 25 2020 11:43 PM

‎Jun 25 2020 11:36 PM - edited ‎Jun 25 2020 11:43 PM

Re: NDR and failed forward

Hello Forest,

Could you maybe post an example of a NDR?
This should give you the reason and what I suspect is that the recipient's mail server checks the message based on the sender (@sharepoint.com/@microsoft.com) which fails of course.
As there is no possibility to "edit" the message header or original sender I would advice you to change the behavior of the forwarding.
You could add a Transport Rule which says "If sender is.." and then apply an action to it depending on your needs.
0 Likes
Reply
Forrest Hoffman

‎Jun 26 2020 05:38 AM

‎Jun 26 2020 05:38 AM

Re: NDR and failed forward

@BemmelenPatrick This one was rejected to to DMARC failure that may be because DMARC does not traverse on Forwards or Microsoft hasn't set DMARC on sharepointonline.com and the recipient domain MIL is very strict about security.


"Status

 

Office 365 received the message that you specified, but couldn't deliver it to the recipient (xxxxxxx@mail.mil) due to the following error:

Error: 550 5.7.1 550 #5.7.1 DMARC unauthenticated mail is prohibited

A non-delivery report (NDR) message was sent to no-reply@sharepointonline.com. The NDR might provide more details about why the email message wasn't delivered and how to fix the issue.
 
How to fix it
Ask the sender (no-reply@sharepointonline.com) to follow the instructions in the NDR to fix this issue. The NDR might also include specific information for email admins. If the sender is unable to fix the issue, ask them to forward you the NDR and then follow the guidance for email admins."
 
 
This one was rejected by AOL.com (yahoo.com)
Status
Office 365 received the message that you specified, but couldn't deliver it to the recipient (xxxxxx@aol.com) due to the following error:

Error: 554 5.7.9 Message not accepted for policy reasons. See https://help.yahoo.com/kb/postmaster/SLN7253.html

A non-delivery report (NDR) message was sent to no-reply@sharepointonline.com. The NDR might provide more details about why the email message wasn't delivered and how to fix the issue.
 
How to fix it
Ask the sender (no-reply@sharepointonline.com) to follow the instructions in the NDR to fix this issue. The NDR might also include specific information for email admins. If the sender is unable to fix the issue, ask them to forward you the NDR and then follow the guidance for email admins.
 
Although the reference link does not specifically mention DMARC, it does give this explanation, "Your message wasn't delivered because Yahoo was unable to verify that it came from a legitimate email sender.

Your email failed one or more authentication checks that Yahoo uses to verify emails are truly sent from the domains they claim to originate from."

I know there is issues with DMARC and forwards but how is one supposed to tell recipients that the mail is legitimate?

0 Likes
Reply
BemmelenPatrick

‎Jun 27 2020 04:42 AM

‎Jun 27 2020 04:42 AM

Re: NDR and failed forward

Hello Forest,

The spam protection cannot be turned off because that would mean that a lot of spam would be passed through to the mailboxes.

I'm afraid you will need to either disable the forwards on the mailboxes and tell users to look into their own mailboxes or set up mail flow rules which change the behaviour of the received message.
0 Likes
Reply