Hi
I raised a request recently, accepted an answer, and it was closed.
I have a further question though.
https://learn.microsoft.com/en-us/answers/questions/378681/genuine-spoofing.html
The original question was:
On our customer facing site we have a contact form for users to fill in. This contact form is managed by Sendinblue.
When users complete this form an email is sent to a shared mailbox within our domain.
Sendinblue have spoofing in place so that when the email comes into our shared mailbox it appears to have come from the user that filled in this form (they add their email into the form).
EOP is correctly picking this up as spoofing and sends these emails to the junk folder in the shared mailbox.
We are considering creating a new anti-spam policy to resolve this, targeting only the shared mailbox and including an allow for @smtp-relay.sendinblue.com.
Doing this however would open this mailbox up to more junk.
Would this be the best way to approach a situation like this?
The response I received was to use a transport rule targeting @smtp-relay.sendinblue.com and to use DMARC, as this would be more secure.
My question is, though: if the email is being spoofed, then would the DMARC not be pointing to the user who filled in the form rather than Sendinblue?
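
An added illustration of the DMARC question above (not part of the original post and not Microsoft's or Sendinblue's code): a receiver derives the DMARC policy domain from the visible From: header and accepts an SPF or DKIM pass only when the authenticated domain aligns with it. The addresses, the DKIM `d=` value and the two-label organizational-domain shortcut are assumptions made for the example.

```python
from email.utils import parseaddr

def org_domain(domain):
    # Simplification: last two labels. Real evaluators use the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain, from_domain):
    # Relaxed alignment: organizational domains must match.
    return org_domain(auth_domain) == org_domain(from_domain)

def evaluate_dmarc(from_header, spf_domain, spf_pass, dkim_domain, dkim_pass):
    # DMARC is keyed on the RFC 5322 From: domain, not on the relay that sent it.
    from_domain = parseaddr(from_header)[1].rpartition("@")[2].lower()
    spf_ok = spf_pass and aligned(spf_domain, from_domain)
    dkim_ok = dkim_pass and aligned(dkim_domain, from_domain)
    return {
        # First lookup; receivers fall back to the organizational domain.
        "policy_lookup": "_dmarc." + from_domain,
        "spf_aligned": spf_ok,
        "dkim_aligned": dkim_ok,
        "dmarc": "pass" if (spf_ok or dkim_ok) else "fail",
    }

# Constructed case 1: the form service puts the visitor's address in From:.
# SPF and DKIM both pass, but for the relay's domains (assumed values).
form_mail = evaluate_dmarc(
    "Site Visitor <visitor@example.org>",
    spf_domain="smtp-relay.sendinblue.com", spf_pass=True,
    dkim_domain="sendinblue.com", dkim_pass=True,
)

# Constructed case 2 (hypothetical contrast): From: is an address in the
# recipient organisation's own domain and the relay signs with that domain.
own_domain_mail = evaluate_dmarc(
    "Contact Form <forms@contoso.example>",
    spf_domain="smtp-relay.sendinblue.com", spf_pass=True,
    dkim_domain="contoso.example", dkim_pass=True,
)

if __name__ == "__main__":
    print(form_mail)
    print(own_domain_mail)
```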