08-15-2023 02:07 PM
I am trying to allow an external helpdesk ticketing system send emails using their email server as an internal user. Basically spoofing my email address. When doing so DMARC verification is failing (for obvious reasons). However, attempting to bypass the DMARC check for this particular domain or sender is not working. I followed the documentation here: https://www.cisco.com/c/en/us/support/docs/security/secure-email-gateway/217036-how-to-bypass-dmarc-check-on-email-secur.html
But, I continue to get the same results. Any suggestions on bypassing a DMARC check for a particular sender? The sender seems to have numerous sending IP's and I can't seem to find a definitive list.
Garrett
Solved! Go to Solution.
11-13-2023 06:57 AM
My solution was to setup the software to send as our domian by adding DKIM records in our DNS. This is a better solution to the problem anyway since bypassing DMARC would allow any other sender from the vendors domain to bypass DMARC.
08-23-2023 10:53 AM
In Mail Policies/DMARC, click Edit Global Settings button, you can do it two ways.
1. create an address list under Mail Policies/Address Lists, and set that list as the Specific Senders Bypass Address list
2. put specific headers for it to look for in the "Bypass verification for messages with headers"
You could also do it in the Host Access Table, by creating a sender group with the IPs that are sending this mail, and then creating Mail Flow Policy that doesn't check DMARC....
Number 1 above is the easiest way
08-23-2023 11:04 AM
Thanks @Ken Stieers,
The first way is what the document I posted says to do. However, it does not do what I expected the DMARC check still fails. I haven't tried the header method yet.
I have used the HAT to do this very thing and was successful. However, this sender does not have a published list of IP addresses and I was already up to 4 when I decided that wasn't a viable method.
08-23-2023 11:43 AM
08-23-2023 11:48 AM
11-10-2023 04:55 AM - edited 11-10-2023 04:55 AM
Hello @Ken Stieers
Are there some documentation and example for the 2.put specific headers for it to look for in the "Bypass verification for messages with headers"
I'm searching the correct syntax to bypass based on Envelope Recipients
Thanks,
Yannick
11-10-2023 08:40 AM
11-13-2023 06:24 AM - edited 11-17-2023 01:31 AM
Bypassing DMARC checks for a specific sender requires a careful approach to address alignment issues and ensure proper authentication methods like DKIM and SPF are correctly configured. If the provided Cisco documentation is not yielding the desired results, consider verifying the sender's alignment, checking https://deltaheatedvest.com/best-sports-bras/ their DMARC policy, and inspecting DKIM signatures.
11-13-2023 06:57 AM
My solution was to setup the software to send as our domian by adding DKIM records in our DNS. This is a better solution to the problem anyway since bypassing DMARC would allow any other sender from the vendors domain to bypass DMARC.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide