We are running a RedHat/Postfix configuration of LISTSERV 16.0-2014B. Within the last 20 days a number of our subscribers on various lists have started receiving:
“This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing at http://aka.ms/LearnAboutSpoofing”
This occurs after the subscriber on Office 365 has submitted a posting and after distribution his copy is
sent to him with this flag -- no other subscribers on other domains see this error, but other subscribers in his domain also see this warning.
We have a valid SPF record in place for listserv.cuis.edu, but have not implemented any kind of DKIM or DMARC records on LISTSERV (or elsewhere).
Is this a 'new' common problem? Is there a workaround (there are many domains affected because many of our subscribers are Office
365 users)? Both LSoft and Microsoft have suggested that a valid SPF record for our LISTSERV should be enough, but that is obviously not working for us.
-Rich Helmke