Problem

Why Forwarding your Email can be a BAD idea?
Why am I getting delivery errors on emails that are forwarded?

Discussion:

So often we see people that want to take advantage of "email forwarding", where a mail server auto-forwards any incoming email to a specified email address on that server to a different domain on a remote server.  This is often when a user has a work email address and a personal email address and instead of monitoring two mailboxes the user forwards the email from one mailbox to the other.

Example.

Barney (email address This email address is being protected from spambots. You need JavaScript enabled to view it.) sends an email from his company network to Fred (email This email address is being protected from spambots. You need JavaScript enabled to view it.) who is working for a different company and therefore different domain name.  Fred has setup an auto-forward rule so that all new email is sent to his G-Mail account (email This email address is being protected from spambots. You need JavaScript enabled to view it.).

Looks ok, doesn't it? However this is really bad practice.  The server for receiving-domain.com has to technically impersonate the server of sending-domain.com in order to just forward the email to g-mail.  Of course if the server at receiving-domain.com was to rewrite the header to received-domain.com it could work, but you would need to configure the server to do this.  Most mailing-list managers can do this for you.

Let's explore further why the example above doesn't work out too well. 

When Barney sends the email to Fred his sending server (sending-domain.com) includes a mail header to the message, which will look something like:

From: This email address is being protected from spambots. You need JavaScript enabled to view it.

Subject: That awesome sales order for your review

Date: January 5, 2021 3:30:58 PM UDT

To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Etc....

When the auto-forward rule kicks in the server at receiving-domain.com sends the message to g-mail with the same header

From: This email address is being protected from spambots. You need JavaScript enabled to view it.

Subject: That awesome sales order for your review

Date: January 5, 2021 3:30:58 PM UDT

To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Etc....

The receiving server at g-mail will see the header "from address" (This email address is being protected from spambots. You need JavaScript enabled to view it.) and will notice its coming from a different server (receiving-domain.com). At this point the receiving server may just accept the email or its spidey-senses might tingle instead and the message is rejected as part of its spam-filtering policy. 

Lets add SPF into the mix

Let's also introduce the fact that each domain in the above example has published SPF records.

Now, when Barney sends the email to Fred his mail header still looks the same

From: This email address is being protected from spambots. You need JavaScript enabled to view it.

Subject: That awesome sales order for your review

Date: January 5, 2021 3:30:58 PM UDT

To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Etc....

When the receiving server as receiving-domain.com gets the email, it checks for SPF records and the server sending the message is listed in the SPF record for sending-domain.com and therefore accepts the message.  The mailbox of FBloggs then runs the auto-forward rule which forwards the message on to g-mail still with the same header

From: This email address is being protected from spambots. You need JavaScript enabled to view it.

Subject: That awesome sales order for your review

Date: January 5, 2021 3:30:58 PM UDT

To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Etc....

The receiving server at g-mail will see the header "from address" (This email address is being protected from spambots. You need JavaScript enabled to view it.) and still notices its coming from a different server (receiving-domain.com). This time the g-mail server checks for an SPF record using the from address.  So it checks the SPF record published for sending-domain.com and notices that the server sending the message (receiving-domain.com) isn't listed in the SPF record and will rejected the message based on the SPF policy. 

Don't forget that it is the SPF records of the sending server that matter here - and these are unlikely to be under the control of the receiving-domain.com users.

How does a mailing list manager do it?

When Barney sends the email to Fred his mail header still looks the same

From: This email address is being protected from spambots. You need JavaScript enabled to view it.

Subject: That awesome sales order for your review

Date: January 5, 2021 3:30:58 PM UDT

To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Etc....

However this time the server at receiving-domain.com gets the email and before forwarding out the message it changes the header information.

From: Barney <This email address is being protected from spambots. You need JavaScript enabled to view it.>

Subject: That awesome sales order for your review

Date: January 5, 2021 3:30:58 PM UDT

To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Reply-To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Etc....

The receiving server at g-mail will see the header "from address" (This email address is being protected from spambots. You need JavaScript enabled to view it.) checks the SPF record of receiving-domain.com which is valid for that sending server and accepts the email. 

By adding the original email address to the reply-to field in the header it means that when FreddyB1234 clicks the reply button the email goes direct to Barny.