We send mails through an external mailserver. We also have a locally configured domain for our neth-mailserver. For the local domain I configured the corresponding dns entries and connectors for each user so our imapserver pulls the mails from the external imap server and they are scanned by rspamd for our users.
Do we need to add any (MX, DKIM, SPF, DMARC) entries for the external domain also pointing to our nethserver? I am asking as we do not send mails of the external domain directly but exclusively through the authorized external mailserver, and this mostly works. It works 100% when mail clients are configured with the external SMTP server. But recently we changed this and, as said, send mails through the relay/smarthost function. That means that in the mail header of mails sent, the IP address of our mailserver is visible, thus it can be that a mail gets blocked because of that IP.
I therefore tested with mxtoolbox email deliverability tool and the report said that there is no spf/dmarc record for our own neth-mailserver ip (only responsible for the internal domain) for the external domain.
I don’t understand why dkim/spf and dmarc entries for the external domain could be needed pointing to our nethserver, as we do not use it to send mails for the external domain directly. Those mails are relayed to an external mailserver. Is my understanding not correct that the dkim/spf records only need to point to the external mailserver then?
Thanks for clarification.