On Thu, 2017-11-02 at 13:28 +0100, Benoit Panizzon wrote: > How would one correctly implement email forwarding which works with all > kind of SPF, DKIM and DMARC Variants?
Hi Benoit, Short answer - you can't. DMARC is simply not designed to facilitate any type of address re-writing or forwarding. As Vladimir points out, DKIM can sometimes prevail after an email is forwarded, but it can't be assumed. Plus, that DKIM signature must be already working and aligned to the original sending domain. DMARC also breaks mailing lists. Mailman "gets around" DMARC by re-writing the From address to be that of the list and putting the original sender in the Reply-To. Fine for mailing lists, not so fine for one-to-one emails etc. There is an emerging mechanism called ARC (http://arc-spec.org/) which addresses this restriction in DMARC to some degree in certain cases. Many providers, including Google, are already trialing ARC and it is being actively worked on. Ken. -- Ken O'Driscoll / We Monitor Email t: +353 1 254 9400 | w: www.wemonitoremail.com Need to understand deliverability? Now there's a book: www.wemonitoremail.com/book _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop