You are viewing limited content. For full access, please sign in.

Question

Question

Forms emails failing to external recipients (Gmail) due to DMARC / DKIM — Exchange treating mail as MAPI instead of SMTP?

Forms Version 10 Administration Ideas How To
Updated February 11
asked on January 28

We’re running into an issue with Laserfiche Forms email notifications and approval emails failing when sent to external recipients (notably Gmail). Internal delivery works without issue.

Error messages indicate DMARC failures. After reviewing message headers with our sys admin, it appears Exchange is treating the messages as MAPI/internal mail rather than true SMTP, so DKIM signing is not being applied. When those messages leave the tenant, they fail DMARC enforcement externally.

Key details:

  • Laserfiche Forms SMTP configured to smtp.office365.com

  • Port 587, secure connection enabled

  • Authenticated send using a dedicated mailbox

  • Validation email from Forms config succeeds

  • Internal recipients receive mail normally

  • External recipients reject due to DMARC/DKIM

Has anyone else seen Exchange classify Forms-generated emails as internal/MAPI despite SMTP submission?
If so:

  • Was this resolved via Exchange transport rules?

  • DKIM configuration changes?

  • Dedicated SMTP relay / connector?

Looking to confirm whether this is expected behavior with O365 + Forms and what the recommended fix is from others who’ve hit this.  Any help or guidance would be greatly appreciated!

0 0

Replies

replied on January 29

We did have a lot of customers using Office 365 as their SMTP server in the past but because of constant problems in the last couple years everyone has switched to using OAuth instead which seems to work best with Office 365.

I am not sure about this exact problem but I do believe that Forms does use the SMTP protocol, not MAPI. I recommend using OAuth when it comes to Office 365 to alleviate many potential issues.

2 0
replied on February 11 Show version history

Thanks again, @████████, for taking the time to respond to my question.  I shared your comments with our sys admin and he created the App registration for OAuth SMTP for LF, and delegated Send-as permissions for the application to the LF mail account.  He also provided me with tenant ID, client ID, client secret, etc. 

Do you know where on the Laserfiche side I would make these updates to make the switch to OAuth?  Any direction you can provide would be greatly appreciated.

Also, wanted to add that we are still on LF Forms 10.4 but hope to get to 12 in the next couple of months.  Not sure if that makes a difference.

0 0
replied on February 9

Thanks Chad!  I will past this info along to our Sys Admin.

 

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...