The demise of email forwarding is getting closer

The issue doesn’t really affect the kind of forwarding that you’re describing, where you as an individual are selecting a message to directly forward to another email address. When you do that, your email address is applied as the sender. That works pretty much the same as just sending a message directly, and unless you have a custom domain, you probably don’t have to worry much about that having trouble.

It’s the original automatic, server-level forwarding that got those messages to you in the first place that’s at risk. When you forward a message in that manner, it retains the original sender. This sender’s domain will not match the domain that the message is being forwarded via. SPF, DKIM, and DMARC are a group of protocols for verifying that the message is still legitimate despite the domains not matching.

In order for this kind of forwarding to continue happening, SPF, DKIM, and DMARC need to be properly implemented by every domain the message passes through. The forwarding domains can be updated to implement this, but the domain that’s being forwarded from (such as your old alumni address’s domain) also needs to have it implemented, and many of these older domains aren’t being actively managed anymore. They’re still registered (if they weren’t, the email sent to them would bounce right off the bat), but if they’re not actually using them for anything except maintaining forwarding, there’s a good chance that they won’t bother to implement the necessary protocols, and you may not be able to reach anyone managing those domains to get them updated.

Your Microsoft address probably won’t have any issues. While Microsoft does not yet appear to be requiring DMARC for messages it receives, it still should have it implemented for what it sends. So if they’re managing the domain for that old alumni address, they’re able to make sure DMARC is set up properly.

A lot will actually depend on the domain you receive your emails through. If it’s Google, they’re rejecting all messages that aren’t DMARC-authenticated (if this isn’t in place for all receipts yet, it will be soon). Other major email providers are at various stages of implementing DMARC requirements for incoming mail.

You usually will not know that a message sent to you was bounced, because the bounce goes back to the originator. You would likely notice it only if you know that you should have received a message, but didn’t. So messages you expect to be forwarded to you will simply disappear if those old domains don’t get their settings updated.

If you send a noncompliant message to a server that is rejecting noncompliant messages, you’ll get the bounce. This is pretty much a risk only if you use a custom domain, in which case you’ll need to follow the directions in the other thread to make sure your domain has the protocols set up correctly. It’s not difficult, but your domain host will not invisibly do it for you. Each domain owner/manager is individually responsible for setting up SPF, DKIM, and DMARC on their domain.