Rewrite 'from' header to enable forwarding to overcome dmarc restrictions?

Mark Sapiro mark at
Wed May 7 04:35:21 IST 2014

On 05/06/2014 08:03 PM, Furnish, Trever G wrote:
> Hi, Mark.  It's not breaking dkim, it's violating the receiver's implementation of SPF, which appears to be looking not just at the envelope header, but also at message headers -- I wonder whether this means they have actually implemented SenderID rather than SPF.

If the message is DKIM signed by the domain of the address in From:, it
should pass DMARC as long as the signature is valid.

The tests are:
Is there a valid DKIM signature with a d= domain that "aligns" (a DMARC
technical term) with the domain of the From: address


Does the server pass SPF and does the domain of the envelope sender (the
SPF domain) "align" with that of the From: header.

Forwarding will break SPF alignment, but if there is an original DKIM
sig and it is valid, the message should still pass DMARC.

See the spec at
<> and lots
of descriptive info at <>

Mark Sapiro <mark at>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the MailScanner mailing list