Hi all. Maybe this can help: One of our customers found the issue that was causing this behaviour for their email messages: the messages were lacking the "Message-ID" header but "Message-ID" is listed in the "h=" DKIM parameter hence used in the signature.
Apparently Microsoft adds the missing header, breaking the signature in the process. Regards, On Mon, Jun 23, 2025 at 8:09 AM Jaroslaw Rafa via mailop <[email protected]> wrote: > Dnia 18.06.2025 o godz. 10:02:47 Yves-Marie LE PORS-CHAUVEL via mailop > pisze: > > Hi there, > > > > Since Monday 11:10am UTC, we see a huge rise of that SMTP answers with > > Outlook : > > > > *550 5.7.515 Access denied, sending domain DOMAIN.TLD doesn't meet the > > required authentication level. The sender's domain in the 5322.From > address > > doesn't meet the authentication requirements defined for the sender. To > > learn how to fix this see: > > https://go.microsoft.com/fwlink/p/?linkid=2319303 Spf= Pass , Dkim= Fail > > , DMARC= Pass [XXXXXX] [XXXXXXXXXX]* > > They state "DMARC=Pass" yet they still reject the mail only because DKIM > fails (from their point of view of course)? > > What a nonsense! Why they check DMARC at all if they require *both* SPF > *and* DKIM to pass? > -- > Regards, > Jaroslaw Rafa > [email protected] > -- > "In a million years, when kids go to school, they're gonna know: once there > was a Hushpuppy, and she lived with her daddy in the Bathtub." > _______________________________________________ > mailop mailing list > [email protected] > https://list.mailop.org/listinfo/mailop > -- -- Paulo Azevedo
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
