I set _dmarc to see my email authentication reports (in case it fails).
like that
"v=DMARC1;p=quarantine;pct=100;rua=mailto:dmarcreports@example.com"
And I receive these reports form Google.
a report I receive my emails are good, because they are comming from AWS SES and all configured fine, it comes like that
<disposition>none</disposition>
<dkim>pass</dkim>
<spf>pass</spf>
BUT sometimes I get records like this
<record>
<row>
<source_ip>209.85.220.41</source_ip>
<count>1</count>
<policy_evaluated>
<disposition>none</disposition>
<dkim>pass</dkim>
<spf>fail</spf>
</policy_evaluated>
</row>
<identifiers>
<header_from>mydomain.com</header_from>
</identifiers>
<auth_results>
<dkim>
<domain>mydomain.com</domain>
<result>pass</result>
<selector>xxx</selector>
</dkim>
<dkim>
<domain>amazonses.com</domain>
<result>pass</result>
<selector>gggxxx</selector>
</dkim>
<spf>
<domain>gmail.com</domain>
<result>pass</result>
</spf>
</auth_results>
</record>
And I understand that someone has forwarded my email but without overwriting headers and this someone was gmail
.
Why gmail doesn't overwrite headers and why should I care about forwarding at all? They only suppose to send me emails when it is my problem, right?
Am I confusing something?