DMARC Override! Email getting delivered despite p=reject

You could be too important for your emails to be missed and other reasons.

Your DMARC policy is on the highest enforcement, and yet your emails are getting spoofed! This is called DMARC Override. It is frustrating — we know. Why is it happening? Here’s why:

Imagine you are the central bank of the nation or an important entity, and the banks in the country want to make sure that your emails are not missed at any cost. They may incorporate local policies on their end on their mail servers, to ensure that they don’t miss a single email. This hyper-zeal may result in spoofed emails getting delivered as well. This will give you a sense why this can happen but there are other technical reasons as below according to the DMARC RFC.

  1. forwarded: The message was relayed via a known forwarder, or local
    heuristics identified the message as likely having been forwarded.
    There is no expectation that authentication would pass.

Need further help, write into our email authentication, DMARC and BIMI ninjas on who will be happy to help.



Cyber Security Investor

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store