Email forwarding is handy beyond a doubt. But in the intervening years since email forwarding came along, Sender Policy Framework (SPF) was also created.
That’s a system wherein you use your DNS settings to specify which email servers are allowed to originate email from your domain, and yes, you can publish SPF records for your domains in your DNS settings here.
But if the person sending you email has SPF enabled on their domain, and you are forwarding that email to another destination that is enforcing SPF validation, then that would break SPF validation, and either reject that message or possibly mark it spam (depending on how the sender has their SPF data set up).
Sender Rewrite Scheme (SRS) was created along with SPF to fix that problem.
When you want to use email forwarding, SRS will rewrite the envelope in a way that will
- preserve the identity of the sender for replies
- pass any SPF validation
It does this by specially encoding the “From” envelope sender using an intermediary domain dedicated for the purpose.
Not many email forwarding services support SRS (we actually don’t know of any other mail forwarding provider that actually does it, for that matter) but it comes standard on all easyDNS mail forwarding. The intermediary domain we use is easysrs.org but for the most part is that it is completely transparent to you.
Just rest easy knowing that people sending you email can make use of SPF to protect their domains, and your ultimate email destination can enforce SPF to protect you from phishes and spoof attacks without worrying that it will break legit email from getting to you.