We have had DMARC setup for some time, but have started seeing an issue caused by one of our email journaling solutions and I’m hoping someone else has some experience of dealing with this…
The 3rd party journaling solution uses AWS SES and by default this sends DMARC reports, the 3rd party have stated there is no way to disable this. Normally this would be fine, but when emails are journaled they are sent “as is” from Office365, e.g the sender is the original email sender and not the journaling user.
What this means in practice is our journaling solution is quite happily sending DMARC reports back to our DMARC mailbox (and many other 3rd parties i imagine) with failure status, as they are sent from our o365 tenant… Journaled email numbers are far greater than genuine external outbound emails, so we are seeing a 99% failure rate.
I think the only way to fix this is for the 3rd party to figure out how to disable their platform sending DMARC reports… does anyone else have any other options?