Out of Office Messages from Mimecast going to Defender Anti Phishing Quarantine

This organisation had a DMARC record with a “p=quarantine” policy.

When an Automatic Reply is sent, it actually leaves the Env Sender (RFC5321.MailFrom) blank (null).

It still has the Header From.

The reason for the DMARC failure on Automatic Replies / Out of Office messages is the SPF alignment check between the Env Sender (null) and the Body Sender (yourdomain.com).

The workaround for this is DKIM, which should be added anyway to get around SPF failure. For some reason Mimecast has not added the DKIM signature to the Automatic Reply, so this alternative way to verify the authenticity of the message is not in the mail header.

spf=none (sender IP is 103.96.21.223) smtp.helo=au-smtp-delivery-223.mimecast.com; dkim=none (message not signed) header.d=none;dmarc=fail action=quarantine header.from=xxxxx.com.au;compauth=fail reason=000

The Mimecast DKIM policies were set to tag only on the Return Address From (the one that is blank for SPF), not the Header From.

Changing this to Both resolved this.

Failing that, you could always enable DKIM on 365 as well as Mimecast.

Automatic replies should have an Auto-Submitted: header that you can key an exception rule on.
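
An added example (not from the original post, Mimecast or Microsoft): a Python check of which identifiers DMARC can align on for an automatic reply, before and after a DKIM signature for the Header From domain is present. The example.com.au domain, the sample messages and the function names are constructed; alignment is approximated without the Public Suffix List, and the code checks alignment only, not whether SPF or DKIM actually pass.

```python
import re
from email import message_from_string
from email.utils import parseaddr

HELO = "au-smtp-delivery-223.mimecast.com"  # smtp.helo value from the header above

# Constructed sample: an automatic reply with a null envelope sender and no DKIM.
BEFORE = (
    "Return-Path: <>\n"
    "From: Jane Doe <jane@example.com.au>\n"
    "Auto-Submitted: auto-replied\n"
    "Subject: Automatic reply: hello\n"
    "\n"
    "I am out of the office.\n"
)
# Constructed sample: the same reply carrying a signature for the Header From domain.
AFTER = "DKIM-Signature: v=1; a=rsa-sha256; d=example.com.au; s=sel1; bh=x; b=y\n" + BEFORE


def aligned(a, b):
    # Assumption: relaxed alignment approximated as "same domain or parent/child".
    # Real DMARC compares organisational domains using the Public Suffix List.
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def dmarc_alignment(raw, helo):
    msg = message_from_string(raw)
    from_dom = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    env = msg.get("Return-Path", "").strip().strip("<>")
    # With a null envelope sender, SPF evaluates the HELO name instead (RFC 7208).
    spf_dom = (env.rpartition("@")[2] if env else helo).lower()
    dkim_doms = [d.lower() for sig in msg.get_all("DKIM-Signature", [])
                 for d in re.findall(r"(?:^|;)\s*d=([^;\s]+)", sig)]
    auto = msg.get("Auto-Submitted", "no").split(";")[0].strip().lower()
    return {
        "header_from": from_dom,
        "null_sender": not env,
        "spf_identity": spf_dom,
        "spf_aligned": aligned(spf_dom, from_dom),
        "dkim_aligned": any(aligned(d, from_dom) for d in dkim_doms),
        "auto_reply": auto != "no",  # RFC 3834: auto-generated / auto-replied
    }


if __name__ == "__main__":
    for name, raw in (("before", BEFORE), ("after", AFTER)):
        print(name, dmarc_alignment(raw, HELO))
```

DMARC passes only when an aligned identifier also passes its own check, so a true dkim_aligned here still depends on the signature verifying at the receiver.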
