post...@ptld.com: > If you are going to use DMARC then you do not need to mess around with or > install policyd-spf. > OpenDMARC has built in SPF lookup, it adds a header with the SPF results, and > uses it in deciding if the email passes DMARC or not.
OpenDMARC’s is a defective implementation of SPF. Some of the issues are listed in https://github.com/trusteddomainproject/OpenDMARC/issues/169, but there are several more around DNS lookup limits etc. If you want SPF done properly, use a dedicated SPF component (of which there are several).
