CRM Email Rejections Caused by Missing DKIM and DMARC Settings

June 11, 2025

Missing DKIM signatures combined with strict DMARC policies caused CRM emails to bounce, leaving systems vulnerable to spoofing.

Email Security
Email Security
1
min read
CRM Email Rejections Caused by Missing DKIM and DMARC Settings

I was recently reached out to by someone experiencing an email rejection issue in their CRM system. Nobody in their team could send emails because once they hit the send button, the email, instead of being sent, would change its status to 'bounced'. What a mystery lol 🤔

Turns out, their DMARC policy was set to 'reject' and the DKIM signatures were nowhere to be found. I expressed my admiration to the DMARC policy they had set and mentioned that getting those DKIM signatures in place would have the issue sorted.

And what next? Both me and the DMARC 'reject' were left in the dust & they swung open the doors to the world of spoofing with 'p=none'.

Can’t wait to see the 'problem-solving' skill added to their CV 🙃

DMARC
Email Security
Spoofing
Cyber Security
Scam
DKIM
SPF
Related posts
All posts
Google.com Scam Sent via Gmail API - DMARC Passed, No Account Compromise

A scam email sent from @google.com passed SPF, DKIM, and DMARC without a compromised account. Here’s what it reveals about modern email threats.

Google.com Scam Sent via Gmail API - DMARC Passed, No Account Compromise
Email Security
When Vendors Control Your DNS: A Hidden DMARC Security Risk

A real-world example of how third-party DNS control can silently block DMARC visibility, redirect domain telemetry, and introduce serious email security and data exposure risks.

When Vendors Control Your DNS: A Hidden DMARC Security Risk
Email Security
2.3 million emails. One exposed API key. $10K bill.

How DMARC forensics exposed an API key leak, 2.3M unauthorized emails, and a $10K bill.

2.3 million emails. One exposed API key. $10K bill.
Email Security