How to Identify Forwarders?

Forwarding happens when an email receiver forwards your email to another recipient.

There are two types of forwarding:

  1. Manual forwarding

Manual forwarding occurs when you receive an email in your inbox and manually forward it to another receiver. I.e.: You receive an email from ‘dummy@example.com’ and open it. You find the email important and forward it to one of your colleagues at ‘john@gmail.com’.

  1. Automatic forwarding

Auto-Forwarding is a  feature that lets you automatically send messages to someone else when you are unable to. Each time you activate Auto-Forwarding, you can write a custom message letting the person you are forwarding to know why they are receiving your messages.

Senders are not able to authenticate sources that forward their emails. To improve the DMARC alignment of sources forwarding emails on behalf of an organization, the legitimate sending sources of the organization have to be authenticated with an aligning DKIM signature.

Unlike SPF, DKIM is designed to survive automatic forwarding. The DKIM signature (d=) is attached to the body of an email, while SPF is attached to the ‘Return-Path header’ of an email. With automatic forwarding, in general, the body of the email is not touched. Therefore, DKIM can survive automatic forwarding.

To conclude:

  • Senders are not able to authenticate sources that forward their emails.
  • To improve the alignment of forwarders, senders have to authenticate their legitimate sending sources with DKIM