Microsoft 365 - Steps to make list server email DMARC compliant

The purpose of this document is to recommend ways to make list server email messages DMARC compliant and to explain how and why messages are rewritten for DMARC compliance

UW-Madison Google Groups supports DMARC for the @g-groups.wisc.edu domain

Google Groups will automatically rewrite the From header to the following format if the sender’s domain publishes a DMARC record with a quarantine or reject policy:

"’Bucky Badger’ via listname" <listname@g-groups.wisc.edu> </listname@g-groups.wisc.edu>

Messages sent via UW-Madison Google Groups will pass SPF for @g-groups.wisc.edu, and the messages will be signed with a DKIM selector in the g-groups.wisc.edu domain. DMARC will pass as a result.

Instructions for administrators of other lists (e.g., mailman)

  1. Configure the list to rewrite the From header to use the list server’s domain " ’Bucky Badger’ via listname" < listname@listdomain > .
  2. Use DKIM to sign mail using a selector within the list server’s domain.
  3. Ensure the list server’s domain is used in the envelope-from address of the SMTP transaction and that the list server IP addresses are included in the SPF record of the domain.


Keywords:
office 365 uw madison dmarc list server domain email header quarantine reject reply-to dkim spf google groups administrators smtp IP address caution external "[CAUTION: External]" tagging subject mailman mail-man
Doc ID:
81107
Owned by:
O365 S. in Microsoft 365
Created:
2018-03-22
Updated:
2023-11-16
Sites:
DoIT Help Desk, Microsoft 365