System Emails Are Not Routed Through Email Relay

To ensure security and delivery, system emails are not sent through previously Setup Email Relay.

The only solution available to resolve system emails failing DMARC policy is to implement Salesforce supported Email Security Mechanisms such as DKIM and/or SPF.  This also ensures that your organization will not encounter future deliverability issues as more organizations and email providers continue to adopt DMARC.

Setting up these available email security mechanisms in Salesforce does not pose a direct security risk as it is required to Verify Email Addresses to Send Email Through Salesforce to effectively prevent fraudulent email addresses from being used in Salesforce. Each user and system address requires verification directly by the owner of the address before it's allowed to send any outbound emails from the platform. This includes the Email Address for experience site notifications as outlined in the Customize Email Sent from Experience Cloud Sites for Email Verification documentation.

For auditing requirements, changes that trigger system emails sent from Salesforce are tracked via:

• • Monitor Setup Changes with Setup Audit Trail

• • Use Email Logs to Monitor Emails Sent from Salesforce

See Also:

What Is DMARC?

https://dmarc.org/overview/

Troubleshooting Steps If Site Members Don’t Receive Welcome Emails