you have to try to find out users who are sending emails in a way you described, and ask them to change FROM address to the one matching sender domain (senderdomain.aaa)
or you can move to REJECT policy and accept the loss of emails, sent by those users.
--
Aleksandr
07.07.2019, 14:49, "Jay 1985 via dmarc-discuss" <dmarc-discuss@dmarc.org>:
we have a scenario where some users send emails "on behalf of" other email address. Headers appear like...,Sender: us...@senderdomain.aaaFrom: us...@fromdomain.bbbReturn-Path: <prvs=12345abcd=us...@senderdomain.aaa>DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=senderdomain.aaa;In gmail both SPF and DKIM authentication passed but this doesn't align with the from domain DMARC fails. How to tackle this situation. is there any way forward? this is the only issue pending to move forward in reject mode._______________________________________________
dmarc-discuss mailing list
dmarc-discuss@dmarc.org
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
_______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)
