> On May 3, 2022, at 8:20 AM, Cedric Amand <ced...@cedric.net> wrote:
>
> By implementing DMARC records, you know who's trying to send mail "on your
> behalf" and I noticed that in the DMARC reports, this mailing list's server
> was one of them.

This is true for users who control their domain and can manage mail flow as a result of reports. The vast majority of users do not: they use large public services that are highly incentivized to use DMARC records with adkim=s and asps=s, breaking customary email use cases and offering end users no choice in the matter of the policy selected by their ESP.

This is orthogonal to SPF failure: any non-broken implementation of SPF uses the envelope From, which would not interfere with mailing list deliverability. A message may pass SPF & DKIM, only to be rejected by DMARC because DMARC pins its mechanism (called "alignment" in the RFC) to the header From:

Long story short is that the world has largely adopted strict DKIM alignment policies, for good or ill, and as a result anyone who sends messages on behalf of end users has to munge the From: header or face deliverability problems and sender reputation degradation.
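
The alignment check discussed in the message above, as an added example that is not part of the original thread: it evaluates a list-relayed post before and after From: munging, under relaxed and strict alignment. The `org_domain` helper is a simplifying assumption (a real evaluator uses the Public Suffix List), `aspf` is the SPF alignment tag from RFC 7489, and all sample domains are constructed.

```python
from dataclasses import dataclass
from typing import Optional


def org_domain(domain: str) -> str:
    # Assumption: "last two labels" stands in for a Public Suffix List lookup.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(auth_domain: str, from_domain: str, mode: str) -> bool:
    # mode "s" (strict) needs an exact match; "r" (relaxed) compares org domains.
    a, f = auth_domain.lower().rstrip("."), from_domain.lower().rstrip(".")
    return a == f if mode == "s" else org_domain(a) == org_domain(f)


@dataclass
class Message:
    header_from: str            # domain of the From: header (what DMARC keys on)
    envelope_from: str          # domain of the envelope From (what SPF checks)
    spf_pass: bool              # SPF result for envelope_from
    dkim_domain: Optional[str]  # d= of a signature that verified, else None


def dmarc_pass(msg: Message, adkim: str = "r", aspf: str = "r") -> bool:
    # DMARC passes if SPF or DKIM passes AND that identifier aligns with From:.
    spf_ok = msg.spf_pass and aligned(msg.envelope_from, msg.header_from, aspf)
    dkim_ok = msg.dkim_domain is not None and aligned(
        msg.dkim_domain, msg.header_from, adkim)
    return spf_ok or dkim_ok


# Constructed samples using reserved example domains.
# A list relays a post: its own envelope From and DKIM signature both verify,
# but the From: header still names the author's domain.
relayed = Message("example.com", "lists.example.org", True, "lists.example.org")
# Same post after the list rewrites From: to its own domain.
munged = Message("lists.example.org", "lists.example.org", True, "lists.example.org")
# Direct mail signed by a subdomain of the author's domain.
direct = Message("example.com", "bounce.example.com", True, "mail.example.com")

if __name__ == "__main__":
    for name, m in (("relayed", relayed), ("munged", munged), ("direct", direct)):
        print(name, "relaxed:", dmarc_pass(m), "strict:", dmarc_pass(m, "s", "s"))
```

The `relayed` case passes SPF and DKIM for the list's domain yet fails DMARC in both modes, while `direct` passes only under relaxed alignment.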