cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Enterprise Outlook: SPF passes, DKIM fails, but _any_ other mail provider passes both!?

Eagle3386
Copper Contributor

‎Nov 06 2023 10:25 AM

‎Nov 06 2023 10:25 AM

Enterprise Outlook: SPF passes, DKIM fails, but _any_ other mail provider passes both!?

Hey, guys!

 

I'm the owner & operator of a server which is also used for sending e-mails.

While each & every other e-mail provider I know off succeeds in receiving mails, Enterprise Outlook customers fail to do so, moving mails from my server into their spam folders (or "Junk E-Mail" as Microsoft calls it) - which happens, because SPF validation succeeds, but DKIM fails.

 

However, all my relevant DNS records (SPF, DKIM & DMARC) are not only valid, but any other provider (GMail, Yahoo, etc.) report that valid state back to me everytime.

Additionally, online DKIM validators & even tools suites like mailhardener.com, report 100% conformity of my DNS records as well as my mail server's configuration with SPF, DKIM & DMARC configuration rules.

 

Now, while Microsoft sends out "DMARC Aggregate Report" mails, the mentioned feedback address, dmarcreportfeedback [-AT-] microsoft [-DOT-] com, neither accepts mails (always reports "550 5.4.1 Recipient address rejected: Access denied.") nor does feedback every get a reply.

Furthermore, the mentioned DMARC report from Microsoft fails to comply with yet another DMARC standard's request for providing a reason upon validation failure.

 

All I got was this XML, contained within the report's attached GZ archive:

<?xml version="1.0"?>
<feedback xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <version>1.0</version>
  <report_metadata>
    <org_name>Enterprise Outlook</org_name>
    <email>email address removed for privacy reasons</email>
    <report_id>75a8c8cfaf9845c38eb6f1f1a726121e</report_id>
    <date_range>
      <begin>1698796800</begin>
      <end>1698883200</end>
    </date_range>
  </report_metadata>
  <policy_published>
    <domain>REMOVED4PRIVACY</domain>
    <adkim>r</adkim>
    <aspf>r</aspf>
    <p>reject</p>
    <sp>reject</sp>
    <pct>100</pct>
    <fo>1</fo>
  </policy_published>
  <record>
    <row>
      <source_ip>REMOVED4PRIVACY</source_ip>
      <count>1</count>
      <policy_evaluated>
        <disposition>none</disposition>
        <dkim>fail</dkim>
        <spf>pass</spf>
      </policy_evaluated>
    </row>
    <identifiers>
      <envelope_to>REMOVED4PRIVACY</envelope_to>
      <envelope_from>REMOVED4PRIVACY</envelope_from>
      <header_from>REMOVED4PRIVACY</header_from>
    </identifiers>
    <auth_results>
      <dkim>
        <domain>REMOVED4PRIVACY</domain>
        <selector>REMOVED4PRIVACY</selector>
        <result>fail</result>
      </dkim>
      <spf>
        <domain>REMOVED4PRIVACY</domain>
        <scope>mfrom</scope>
        <result>pass</result>
      </spf>
    </auth_results>
  </record>
</feedback>

 

Please, any help for resolving this issue would be greatly appreciated!

123 Views
0 Likes
0 Replies
Reply
0 Replies