Quoting Tim Connors (tim.w.connors@gmail.com):
Isn't cascading Received: from .* (.*) by headers completely normal in mail? Isn't a mailing list just another MTA?
You might have noticed that SPF RRs in DNS sometimes have include directives so as to say 'I expect to be at least sometimes forwarding my outboudn mail through _this_ domain's outbound mail servers, so you should include the IPs pointed to that domain's A record, or MX records etc." But, in any case, you have to be able to publish in your domain's SPF RR, in some way or other, all of the places deemed legitimate handlers of your domain's outbound mail, or there's no point. Example: GMail. $ dig -t txt gmail.com +short "v=spf1 redirect=_spf.google.com" $ dig -t txt _spf.google.com +short "v=spf1 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com ~all" $ I can't speak to how this is handled in DKIM / DMARC, but it's an implementation of the same core concept.