Christian R??ner:
> I found the answer and I fear there is no chance to solve this:
>
> https://datatracker.ietf.org/doc/draft-kucherawy-dmarc-base/?include_text=1
>
> It's the problem with DMARC. Nearly the same problem that I posted
> some days ago. It's all about the RFC5322 from address. DMARC uses
> this information and checks SPF and DKIM against this header field.
> So it is not enough to have SPF passed; it also MUST have been
> sent from a SPF legitimated system.
DMARC "verifies" the From: header against SPF, DKIM or both, but
only a poorly-informed person would require that the From: address
*always* verifies with SPF.
It would be unreasonable to expect that mailing list managers replace
the From: address of mailing list postings to match the list server's
IP addresses.
Wietse
