This document explains recommended best practices for sending automated and mass email.
A common usage is to use a fake “no-reply” prevent users from replying to the messages. However, your users might have a legitimate reason to contact you, and you don't want to inconvenience them. You also may encounter delivery problems where you will need to see when messages bounce.
In order to be DMARC compliant, the address used in the SMTP transaction (envelope-from) and the address used in the From header of the message must use the same domain. It is usually easiest to use the exact same email address as well.
The IP address that sends the message needs to be defined in the From domain’s SPF record. You should avoid forging as a domain that can’t include your IP address due to security or technical constraints. Use another domain instead, such as a subdomain.
DKIM is used to cryptographically sign messages within context of a domain. Ensure that the DKIM signing domain, published in DNS, is the same as the domain used in the From header.
If you would like users to be able to reply to a different address than the one being used in the From header of the message, you can set the Reply-to header to the address where you would like to receive replies. You can use any domain in the Reply-to address.
From: "Jane User via MyApp" <myapp-no-reply@subdomain>
Create or request a new Office 365 Service Account. Use this new address as the from address when sending your messages.
If you would like to provide instructions for users that reply to your messages, use the correct method of support by setting a vacation message on the new account (used in the From header) that explains how to contact you from the official support channel.
If you don't intend to read the messages, create a filter on the account to file all messages into the "Deleted Items" folder.
If users complain that their messages aren't being received, check this account to see if the message bounced. Sometimes the account is over quota, or there were other delivery issues that can only be determined by looking at the information in the bounced message.