I want to add a header to SharePoint Online emails that will allow it to bypass our FED quarantine content rule. When an executive in our FED dictionary requests access to a SharePoint Online resource or leaves a comment in a document, the email winds up quarantined by FED because the SharePoint Online notifications use the display name of the O365 user as the display name of the email.
I have a content rule that checks if the sender is firstname.lastname@example.org, and checks to see if the ARC-Authentication-Results header contains dmarc=pass and header.d=sharepointonline.com and if all those conditions are true, then insert the header.
What would be great would be a condition in the content filters if DMARC verification = pass however that doesn't exist yet and hence my kludgy work around. It was working for a bit however now it has stopped. Is anyone else using a content filter to check if a SharePoint Online email passed DMARC? If so how are you doing that?