we currently have an inbound DMARC Policy with the main action set to "Honour TXT record" that is working so far.
Since incoming emails from senders with a "p=quarantine" DMARC policy will be quarantined by our Sophos Email Appliance, we send a notfication by email to our internal recipient so he is aware of this and can check the quarantined email.
Unfortunately, notifications to the recipient are apparently also being sent if the senders domain has a "p=none" policy for example and the email has been delivered.
Since this produces a lot of "false positives" we need an option so these notifications are only sent if the email has been actually quarantined due to "p=quarantine" policy of the sender.
Is that basically possible or do we have to solve this via additional SPF + DKIM policies (and reordering them) etc?
Thank you for contacting the Sophos Community!
I think the only way would be to override the Sender Policy in the SEA and so you can choose what happens with the message.
However, I think to fix it the correct wat, would be as you mention by having additional SPF and DKIM policies.