one of our customers is complaining he can't forward meeting requests to several of his private domains.
I think this is occurring since the emergency patches on Exchange 2016 CU19, have updated to CU20 now but the issue persists.
To be clear, if he forwards e-mails there are no issues. Everything is nicely rewritten to his address as sender.
However, if he forwards a meeting, most headers are rewritten, but the 'From' header still lists the original sender. This happens both from Outlook & OWA.
If the original sender has a strict DMARC policy (reject) and the address forwarded to adheres to it, it will reject the forwarded meeting request because of this.
Return-Path, Sender headers point to the address it was forwarded from.
From header is still set to original sender.
DKIM will pass, DMARC will fail.
Authentication-Results: xyz, dmarc=fail (p=reject dis=none) header.from=original-sender-domain.tld
dkim=pass (2048-bit key) header.d=forwarded-by-domain.tld email@example.com header.b=IDxyzzzz;
Any ideas what might be causing this?