We have a system that sends transnational email to customers. We also have an SPF record that allows all of our outbound mail servers, and ends with ~all (softfail). We also have proper DKIM and DMARC (with forensic reporting enabled).
The issue is when we send emails to <someuser>@hotmail.com, we get DMARC failure/spam reports fromstaff [at] hotmail.com stating:
This is an email abuse report for an email message received from IP 104.47.125.83 on Sun, 14 Feb 2016 07:02:27 -0800.
The message below did not meet the sending domain's authentication policy.
For more information about this format please see http://www.ietf.org/rfc/rfc5965.txt.
The report included is as follows:
Feedback-Type: auth-failure
User-Agent: XMR/2.2
Version: 1.0
Original-Mail-From: <webmaster@<domain removed>.com>
Arrival-Date: Sun, 14 Feb 2016 07:02:27 -0800
Message-ID: <20160214150202.cf6b8ba0a831@www.<domain removed>.com>
Authentication-Results: hotmail.com; spf=fail (sender IP is 104.47.125.83; identity alignment result is pass and alignment mode is relaxed) smtp.mailfrom=webmaster@<domain removed>.com; dkim=fail (identity alignment result is pass and alignment mode is
relaxed) header.d=<domain removed>.com; x-hmca=fail header.id=webmaster@<domain removed>.com
Source-IP: 104.47.125.83
Auth-Failure: signature
Reported-Domain: <domain removed>.com
DKIM-Domain: <domain removed>.com
DKIM-Identity: @<domain removed>.com
DKIM-Selector: default
My question and issue is, why is Microsoft resending our emails internally, changing the sent-from IP and failing the SPF check?
Going to need someone from MS to address this as it seems to be an internal thing..
Please see: http://answers.microsoft.com/en-us/outlook_com/forum/oemail-osend/email-to-hotmail-and-other-ms-domains-rejected-due/34026f1a-9116-44cf-845e-66e5dcbc264e for more detail.