Views:

Step 1: Creating Keyword Expressions

1. Go to Administration > Policy Objects > Keywords and Expressions.
2. Click Add.
3. Provide the following information:
Name: DMARC Check
Keyword expression: dmarc=fail|header.from=<domain>

Click the image to enlarge.

 
header.from details can be checked on the mail header under X-TM-Authentication-Results.
 
4. Click Save.
 

Step 2: Changing DMARC Authentication action to Pass

  1. Go to Inbound Protection > Domain-based Authentication > Domain-based Message Authentication, Reporting and Conformance (DMARC).
  2. Click the DMARC policy.
  3. From the Managed Domain drop-down list, select the domain.
  4. Do the following changes:
  • Enable DMARC
  • Insert an X-header into email messages
  • On the Intercept section, select Do not intercept messages action to all actions.

    Click the image to enlarge.

  • Click Save.

Step 3: Creating a policy to check DMARC

  1. Go to Inbound Protection > Content Filtering > Content Policy.
  2. Click Add.
  3. Provide the following information:
    1. Basic Information
      • Status: Enable
      • Name: DMARC Verification
    2. Recipients and Senders
      • Recipients: Select the domain
      • Senders: Anyone
      • Exceptions: Specify the email address or domain you want to exclude
    3. Scanning Criteria
      • Select Advanced.
      • Condition: Select Any Match
      • Select Specified header matches > click on keyword expressions.
      • Select Other > specify X-TM-Authentication-Results.
      • Select the keyword expression created from Step 1 > click Add.

        Click the image to enlarge.

      • Click Save.
    4. Actions:
      • Intercept: Quarantine
  4. Click Submit.

For further assistance, contact Trend Micro Technical Support.
Keywords: DMARC,trust,allow list,bypass,tmes,email security,create policy,allow valid senders,blocked senders DMARC