> you have to try to find out users who are sending emails in a way you > described, and ask them to change FROM address to the one matching > sender domain (senderdomain.aaa)
Or change the bounce address while signing. Having an SPF pass helps in case of DKIM hiccups. > or you can move to REJECT policy and accept the loss of emails, sent > by those users. Or try quarantine with varying pct... Best Ale -- > -- > Aleksandr > > 07.07.2019, 14:49, "Jay 1985 via dmarc-discuss" <dmarc-discuss@dmarc.org>: > > we have a scenario where some users send emails "on behalf of" > other email address. Headers appear like... > Sender: us...@senderdomain.aaa <mailto:us...@senderdomain.aaa> > From: us...@fromdomain.bbb <mailto:us...@fromdomain.bbb> > Return-Path: <prvs=12345abcd=us...@senderdomain.aaa > <mailto:prvs=12345abcd=us...@senderdomain.aaa>> > DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; > d=senderdomain.aaa; > > In gmail both SPF and DKIM authentication passed but this doesn't > align with the from domain DMARC fails. How to tackle this > situation. is there any way forward? this is the only issue > pending to move forward in reject mode. > _______________________________________________ dmarc-discuss mailing list dmarc-discuss@dmarc.org http://www.dmarc.org/mailman/listinfo/dmarc-discuss NOTE: Participating in this list means you agree to the DMARC Note Well terms (http://www.dmarc.org/note_well.html)