Enforcement of DMARC fails. Currently DMARC fails are still delivered to the mailbox, mind you the Junk folder, but still enabled for users to take action against an identity that has failed checks. I propose that all DMARC fails do not get delivered to the mailbox, however a report be created to help administrators notify trusted senders to fix there stuff
Jeremy Hinkle commented
Microsoft needs to fix this! I set our DMARC policy to reject because I don't want spoofed emails to get through. Microsoft is undermining the DMARC policy I set because they think they know best. And now we have spoofed emails getting delivered to mailboxes (junk mail folder).