| ▲ | dajonker a day ago | |
Would this be preventable by setting strict alignment for SPF? i.e. aspf=s in the DMARC DNS record. | ||
| ▲ | justusthane a day ago | parent [-] | |
No, it wouldn't. SPF alignment just verifies that the Envelope From address matches the Header From address, and in this case both are no-reply@accounts.google.com, so SPF is aligned. Strict vs relaxed just specifies whether a subdomain address is aligned with a different subdomain (or root domain) address. Note that autoforwarding an email, as is happening in the article, is different from clicking Forward in your mail client. When emails are automatically forwarded, generally all the headers, including Envelope From, are preserved, so to the recipient it looks like it came from the original sender, not the party who forwarded it. See "Forwarding versus Remailing" here: https://en.wikipedia.org/wiki/Email_forwarding | ||