SendGrid sent to spam on internal domain

I’m using SendGrid with a whitelabel to send email from my domain name, The whitelabel works perfectly for outside delivery, but when sending to an inside account on O365 the messages are trapped in the O365 spam filter.

The headers are showing a passing dkim for my traffic, which I should be able to build a transport rule on but I have no idea how to do it.

Authentication-Results: spf=pass (sender IP is;; dkim=pass (signature was verified);; dmarc=temperror action=none;compauth=pass reason=111 

I’m thinking I need a transport rule based off the whitelist Authentication-Results header, but I’m at a loss as how to do it. I don’t want to have to pay for a static IP from SendGrid unless absolutely necessary.

This is really a tiny issue in the grand scheme, but really annoying at the same time.