cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Microsoft 365 groups external guests -DMARC fail

rupie100
Copper Contributor

‎Jun 02 2021 08:05 AM - last edited on ‎Feb 01 2023 11:45 AM by

‎Jun 02 2021 08:05 AM - last edited on ‎Feb 01 2023 11:45 AM by

Microsoft 365 groups external guests -DMARC fail

We have external members in a M365 group.

1. ExternalMember1 sends an email to the group. ExternalMember1's domain has strict DMARC policies in place.

2. M365 delivers the message to ExternalMember2, who uses iCloud, with a new Sender Address auto-created by M365 (a complicated address combining the user and the group, with our domain).

3. DMARC reports the message to be blocked, and iCloud blocks the message because the sender is "spoofed".

 

At least that is what I think is happening (not my area of expertise). As of 06/2021, is there a way around this? Microsoft 365 groups and external guests are being used extensively, while at the same time strict DMARC policies are recommended. Still, having spent a couple of hours researching this subject, I currently think there's nothing I can do. Please prove me wrong.

1,356 Views
1 Like
1 Reply
Reply
1 Reply
best response confirmed by rupie100 (Copper Contributor)
rupie100

‎Jun 09 2021 07:15 AM

‎Jun 09 2021 07:15 AM

Solution

Re: Microsoft 365 groups external guests -DMARC fail

Answering to myself as I've been investigating this matter with Microsoft.

Update 9 June 2021:
Strong DMARC policy cannot be bypassed, i.e., in our scenario a Microsoft 365 group cannot be used to successfully distribute email to all recipients. The suggested workaround is to add the problematic recipients as CC (manually).

Microsoft has no ETA of resolving this limitation (I don't know if it's even possible) and as stronger DMARC rules are being recommended and honored across the web, it seems that using M365 groups + email + external guests is getting tricky.
1 Like
Reply
1 best response

Accepted Solutions
best response confirmed by rupie100 (Copper Contributor)
rupie100

‎Jun 09 2021 07:15 AM

‎Jun 09 2021 07:15 AM

Solution

Re: Microsoft 365 groups external guests -DMARC fail

Answering to myself as I've been investigating this matter with Microsoft.

Update 9 June 2021:
Strong DMARC policy cannot be bypassed, i.e., in our scenario a Microsoft 365 group cannot be used to successfully distribute email to all recipients. The suggested workaround is to add the problematic recipients as CC (manually).

Microsoft has no ETA of resolving this limitation (I don't know if it's even possible) and as stronger DMARC rules are being recommended and honored across the web, it seems that using M365 groups + email + external guests is getting tricky.

View solution in original post

1 Like
Reply