Email Routing - Delivery Failed

I have email routing setup to forward to iCloud email. A number of emails appear to be being rejected by iCloud:


Unknown error: permanent error (554): 5.7.1 Your message was rejected due to’s DMARC policy. See Postmaster information for iCloud Mail - Apple Support for info

DKIM and SPF are both shown as passing.

This appears to happen across a number of different email sources and only appears to happen when Cloudflare email routing is an intermediary

Do you have a snippet of the Authentication-Results header from the failing emails?

Cloudflare rewrites the RFC5321.MailFrom field on an email so it won’t be aligned with RFC5322.From - restrictive DMARC policies can cause this to be a failure.