cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3142
Views
0
Helpful
5
Replies

Emails that route to 365 through ironport failed spf, dkim & dmarc

Udi Burg
Level 1
Level 1

Hi,

We recently moved from on-perm Exchange to Exchange online (365).

We used Ironport before that move and after the move. We're now with Hybrid configuration and all emails are received and sent from 365.

The Ironport is our MR for incoming emails. We've configured a connector on the 365 that whitelist the IP's of our Ironport.

The issue now is that all the emails we're getting are failing SPF, DKIM and DMARC and some of them are going to junk.
This happens because the spam filtering of the 365 is saying that the Ironport IP's are not allowed to send from the external domains. It's like the 365 sees the Ironport as the source of the emails and it doesn't see or relate to the original IP of the original sender.
What should I do in order to fix it?

1 Accepted Solution

Accepted Solutions

shane.dollery
Level 1
Level 1

From memory Microsoft call it skip listing. Enhanced filtering for connectors in Exchange Online | Microsoft Learn should give you the answers you're looking for.

Cheers,

SD

View solution in original post

5 Replies 5

shane.dollery
Level 1
Level 1

From memory Microsoft call it skip listing. Enhanced filtering for connectors in Exchange Online | Microsoft Learn should give you the answers you're looking for.

Cheers,

SD

Thanks, will check and try that.

Cheers,

Udi

@shane.dollerythat worked.

Thanks!

andrey.rusev
Level 1
Level 1

Hi Udi,

you can try with adding a cert based receive connector. In that way O365 should treat ironports as internal traffic

Regards!

Hi Andrey,

Actually the answer @shane.dollery  provided helped solving the issue.

Regards,