A bunch of universities have just sent out notices that email forwarding is going to increasingly break in the very near future. The big email services, gmail, yahoo, outlook and apple, are going to start tightening the thumbscrews (strict SPF, DMARK and DKIM, but also other stuff) on April 1 (bad timing, that).
I’d vaguely seen that gmail was planning to block much more bulk mail to individuals, but hadn’t really thought about the consequences to normal email forwarding. (I blissfully no longer run a mail server and mailing lists.)
Sample notice:
"Can I continue to forward my email to my university address [which then forwards to my personal address]?
“The short answer is no. The new security measures will block non-university email forwarding from your university addresses, including emails from banks, doctors, and other third parties. To continue receiving email from non-university organizations, you must provide them with a personal email address instead of forwarding to your @university.edu account. However, you will still be able to receive emails from the university.”
This is a common set up, so alumni and retirees can keep receiving mail to their university address, even though they no longer have accounts and can’t send from that address.
It’s a good time to audit your email situation, especially if you currently forward mail to large provider controlled domains, or if you have any chains of forwards set up that you’ve forgotten about.
The worst part is that it isn’t going to help. Spammers have already started using subdomain hijacking to get around most of the security restrictions: