I'm trying to set up a Return-path for Mandrill emails. This is what I currently have:
From: [email protected]
Return-path: [email protected]
and I'm wondering how to set up the Return-path header. Would it pass the SPF alignment if the Return-path would be the following:
From: [email protected]
Return-path: [email protected]
?
I've found this: https://mxtoolbox.com/dmarc/spf/spf-alignment which mentions couple of examples about SPF alignment but I can't find anywhere in the SPF standard whether if I have subdomains both in the From & Return-path if that'd align just based on top of the top-level example.com domain.
I'm unfortunately not able to set up the Return-path to match the From like so:
From: [email protected]
Return-path: [email protected]
As I can't create a CNAME record for info.example.com as I already have an MX record for this subdomain to route incoming emails to Gsuite (see this issue: https://support.google.com/a/forum/AAAA034zvV85E_AluPsqD8/?hl=en&gpf=%23!msg%2FApps%2F5E_AluPsqD8%2F0x_O1tqmAwAJ&msgid=0x_O1tqmAwAJ)
As a sender, you don't set a return path. That's the job of the receiving server. As RFC5321 says:
The envelope sender is what's used in the
MAIL FROMSMTP command, and that's what SPF checks. SPF does not look at what's in thefromaddress header – one of its weaknesses – but fortunately exactly what DMARC is designed to (ahem) address. That MX Toolbox article is misleading because it categorises this alignment as an SPF feature when it's a DMARC one, which is why you're not finding it in the SPF spec.If mandrill is expected to handle your bounces while maintaining DMARC (relaxed) alignment, I would expect your envelope sender to be something like:
and then you'd have a CNAME in your domain's DNS pointing it at mandrill: