print friendly version

Questions and answers

2975
Why do emails get held by DMARC security policies?


Why is mail held by DMARC policies?

DMARC is an email security protocol that verifies email sendersA DMARC record enables domain owners to protect their domains from unauthorized access and usage. This is crucial as email is increasingly vulnerable to cyberattacks, such as phishing, spoofing and impersonation attacks. When an email fails DMARC verification it is held by Mimecast – this failure is due to incorrect records at the sender end.  

How do I know if it's held by DMARC policy? 

You will know one of your emails is being held when you receive an email from Postmaster@sussex.ac.uk with the subject 'This message triggered content policies'The Policies Triggered will show DNS Authentication: DMARC Fail 

 

 

How to release mail 

If an email has failed DMARC checks it can only be released by an administratorPlease log a ticket with the IT Service Desk to ask for the email to be released – include a copy of the Mimecast notification so that we can easily find the relevant email. 

How can I stop mail being held?  

If you frequently receive mail from the sender that is held due to DMARC failure, we could consider bypassing the policy if deemed appropriate due to legitimate business need and it would not pose any significant risk to do so.  

Please note, we will also liaise with the sending organisation to advise them of your request, so they can fix the underlying issue.   Please complete the Mimecast Allow Request Form to log a request with the IT Service Desk with details of the email address you would like us to consider. 

Help us to improve this answer

Please suggest an improvement
(login needed, link opens in new window)

Your views are welcome and will help other readers of this page.

Categories

This is question number 2975, which appears in the following categories:

Created by Lucy Pearson on 8 January 2024 and last updated by Sharon Beckett on 29 August 2024