Hi, We are moving our servicedesk portal to the cloud and they have a mail service I would like to utilize. The native mail service will spoof our servicedesk account email address so that replies seemingly come from our internal account. The vendor has instructions on how to verify our domain using SPF and DKIM records. So I followed all instructions and successfully setup a TXT SPF record in our DNS manager's portal, as well as DKIM verification using public key values provided by the cloud application. After this I was successfully able to verify our domain with the vendors application.
My issue now is that all email replies from our servicedesk portal are all logged with the external sender banner. I went through and added every single domain and sender (from all addresses I could find in the RAW headers) to the Allow list in Sophos, but we are still getting the banner. How do I remove this banner for this one external sender? I was under the impression that if you add it to the allow list, then it would get a "trusted" banner, but that is not happening.
Please help. I'm not an expert in exchange mail flows, I understand basics not advanced. We do have a 3rd party vendor that supports our Sophos account and installation but I have not heard back from them on this question yet.
The trusted banner requires that DMARC pass AND be in the AllowList. If DMARC passes the banner would display Trusted in a green banner.
Thanks for the reply. That was probably it.