By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Amazon Workmail: how to drop or move incoming emails that failed DMARC verdict to the junk folder?

0

I have enabled DMARC enforcement in Amazon Workmail, and I can see some emails have the Authentication-Results "dmarc=fail" in the email header, but these emails still end up in my inbox.

I can also see these email logs from CloudWatch Logs Insights with the following query:

fields @timestamp, @message, @logStream, @log | sort @timestamp desc | filter event.dmarcVerdict == "FAIL"

How can I drop these emails or move them into the junk folder?

Topics
Front-End Web & MobileBusiness Applications
Tags
Amazon Simple Email ServiceAmazon WorkMail
Language
English
rePost-User-0330655
asked a year ago252 views
1 Answer
0

Hi,

To enforce an action on message that fail the checks for DMARC, the domain owner needs to set instructions on what to do with that mail. If there is no DMARC domain record the message will be delivered to the inbox.

You can leverage Mail flow rules to check messages inflight and reroute to junk when the message had DMARC failed headers.

Kind regards, Robin

AWS
EXPERT
robinkaws
answered a year ago
  • rePost-User-7485254
    a year ago

    What would be the process to do this, would it be through a function with lambda?

  • robinkaws EXPERT
    a year ago

    Information on creating mail flow rules can be found here and information on accessing the mail via lamda can be found here

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content