Folks, One of the sources of mail for a domain I need to care about (nats.io) per DMARC reports is office.com; eg:
cwlgbr01ft010.eop-gbr01.prod.protection.office.com. 5.188.213.206 5.188.213.198 Do Microsoft do domain verification before allowing a sender domain to be used? I'm trying to figure out if this is: 1. Crud being correctly filtered out? 2. Someone internally using a) an MS Office cloud product which is sending notifications/invites, b) or hosted email using SMTP/POP3 to the regular mail service and that person doesn't realize that my requests for "hey y'all, is this you" really does mean them and they need to speak up? 3. Something else? I'm probably going to up the DMARC p= level to quarantine and would like to not inconvenience (more than absolutely necessary) legitimate users. This domain is seeing enough spoofing to have caused deliverability issues in the past. Thanks, -Phil _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop