1 Answer
- Newest
- Most votes
- Most comments
0
Hi,
It sounds like DMARC enforcement is not enabled on your organization. Once enabled it should honor the DMARC rules set by the domain owner.
Kind regards, Robin
The DMARC enforcement under WorkMail "Organization settings" DMARC tab is enabled, I've double-checked that.
Relevant content
- asked 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 9 days ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
More information: I opened the spam email in a text editor, and it shows below in the mail header:
X-SES-Spam-Verdict: PASS X-SES-Virus-Verdict: PASS Received-SPF: softfail (spfCheck: transitioning domain of <my domain> does not designate 88.209.254.24 as permitted sender) client-ip=88.209.254.24; envelope-from=Noreply@<my domain>; helo=kxaeyoak.americamidol.com; Authentication-Results: amazonses.com; spf=softfail (spfCheck: transitioning domain of <my domain> does not designate 88.209.254.24 as permitted sender) client-ip=88.209.254.24; envelope-from=Noreply@<my domain>; helo=kxaeyoak.americamidol.com; dmarc=fail header.from=<my domain>; X-SES-RECEIPT: AEFBQUFBQUFBQUFFUEJKYXA4c2wxd214NFBjTVQ3UU8vMlRkUkdnY2t2b2E2UHZVQ2lQNXZ2SGJpbzRqNTF2QVJnc1VtRitCZ2hHMDhHYW5KY0pPNFROdFFndGc2cU5tRnVjbUM1bGdGeDVLRnpDdExxSUs4VWs0LzJuZjVnY2pRVXlXODJ6RWVGS0V5dTN6aVNrSFBqMnpIQUJPVUd6RmJrcW1BYmRIYlVQQ2c3Q0xXTUZVU2tWbWVQSVg2ZWpvSWI1a3p4STRQNHNXOUlOS2JLMmtRTXhjblJaSWJaT3ZpUTRLQTVTQ0xuMnFXT0lhaVRrRGxNdlU0ZG1ucnB1SERrNkFvSHhYM0N3eGEyUExCNVkwMlpDMndkOVZYSDQrdHQ4aEpBZ0RwWHZwaWRKSzRiMUY4c0E9PQ== X-SES-DKIM-SIGNATURE: a=rsa-sha256; q=dns/txt; b=JOl0gyYOa2Clwbc4Z/rI0Zyy9WKM/iXVKQLL1kJS3EjrioyvdzWBqFgybB59NrPRcoRach8APNSpIGCopdmddBG4Tn.....
So it looks like DMARC detects the sender as invalid, but why does it still allow this spam email to come into my inbox, not the junk mail folder? By the way, the spam email was received in a group email (virtual account) and distributed to every member of the group.