cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Bypass domain impersonation

Robert Bollinger
Brass Contributor

‎Feb 28 2022 09:57 AM

‎Feb 28 2022 09:57 AM

Bypass domain impersonation

Hey Guys, 

 

Hoping you can help here. I am trying to make it so messages sent from Survey Monkey are actually delivered to our users. 

 

The problem i have is that the messages are always quarantined and flagged as CAT:DIMP Number 9.19. I have tried to add the 3 sending email addresses into the Allow list inside the Anti-Phishing Filter but it does not seem to make a difference. 

 

I have tried to add this in the Allow/Block list but it does not seem to work either. 

 

domain.com, sparkpostmail.com

 

domain = the DIMP domain (not in our tenant but in a different tenant) 

MX = sparkpostmail.com (or spakpost.com) 

 

Our domain MX records point directly to EOP. 

 

either way it makes no difference and the messages are still flagged. and placed into the quarantine. here is the URL i am getting my info from. 

 

https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/tenant-allow-block-list?...

 

Any ideas on what i am doing wrong? mind you that whenever i add an IP Address as the sending infrastructure, that doesn't seem to work, it seems like the PTR records are required for any bypass to work (in my other tests that is). 

 

Thanks, 

 

Robert 

 

Labels:
1,528 Views
0 Likes
0 Replies
Reply
0 Replies