Apologies if this has been addressed in previous threads.
I have scenario whereby a partner org sends inbound mail including time based passcodes utilising a mail hosting platform (e.g amazones, mailgun, etc. Message trace shows that a number of other orgs utilise the same mail hosting platform and the sending IP's are the same. The partner org has configured SPF, DKIM and DMARC and from the mail items I have reviewed all of these mail items pass these checks where as the mail items from the other orgs do not. Currently all mail from this hosting platform are subject to SBRS (values range from 2.8 to 3.5 hourly) and as such the appropriate mail flow policy and throttling are applied.
I am looking for advice/ best practice for a way that will allow the DKIM/DMARC passed mail items to bypass the throttling and keep the others subject to policies based on SBRS value. What I don't want to happen is create a new flow policy that is applicable to all inbound mail enforcing DKIM/ DMARC check so that every mail item that fails these checks ends up in the Quarantine pool.
I should say that our mail flow policies are as currently as out of the box and we have been using up to now the HAT exemptions to by-pass throttling so certain IP's.
Thanks in advance,
Fraser