How to Fix DMARC Failures When Forwarding Emails Through Google Groups?

By
Dan
-
0
7
Asked By TechSavvyGuru29 On

I'm having an issue with email forwarding between two different domains: "domain1.com" hosted on Exchange and "domain2.com" on Google Workspace. We've got connectors set up properly, but here's the problem: when a user from "domain1.com" sends an email to a Google Group at "[email protected]", the email is forwarded to the group's members, but the sender appears as "domain2.com" despite being DKIM authenticated for "domain1.com". This leads to a DMARC failure, even though DKIM passes. I've been advised to add "domain1.com" to Google Workspace's DKIM settings, but I'm not sure if that will solve the issue since Google is merely forwarding the emails. In an update, Google Workspace support mentioned that because my DMARC policy is set to p=none, it's prioritizing the original "From" header integrity. Therefore, the Return-Path changes to "domain2.com" which causes the alignment mismatch. They said the rewriting would only happen if the policy were set to quarantine or reject. Can anyone confirm if changing the DMARC policy to p=quarantine would help, or suggest other solutions?

2 Answers

Answered By EmailNinja23 On

This specific issue appears to be isolated to Google Groups. If you can communicate directly between both domains without issues, focusing on the setup and configuration of Google Groups is a good call. You probably won't need to add anything to Google Workspace regarding DKIM for "domain1.com" if the problem is specifically with how the Google Group handles the forwarded emails.

Answered By WebMaster101 On

It sounds like you've already gotten some good feedback from Google support. The key issue here seems to be the DMARC policy set to p=none. If you wanted proper alignment, switching to p=quarantine might be the way to go. Google Groups doesn't rewrite the From header unless the DMARC policy is more restrictive. Switching the policy will allow you to monitor how emails are treated during delivery, even if it seems scary to change it just to test, it might ultimately save you a lot of confusion and problems down the line.

Related Questions

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.