Emmanuel Fust?: > Le jeu. 12 janv. 2023, 17:15, <post...@ptld.com> a ?crit : > > > > Since I am using SPF as a validation method, the non-srs messages from > > those big providers will have possibility to break SPF and be rejected by > > our systems. > > > > Do you reject based on solely the SPF result? It would be better to use > > DMARC, have SPF only create the auth header and not reject, then let DMARC > > evaluate and decide to reject or not. > > > > DMARC will look for any DKIM signatures and if a signature is valid DMARC > > will accept the email even when SPF fails due to forwarding. > > > No. If SPF fail DMARC will fail too.
No. If DKIM passes then DMARC should too (ncessary and sufficient). Wietse