Hi @baebjb,
SendGrid is a 3rd party sending email on your clients behalf. As most ESPs they will handle any non-delivery reports or bounces on the mails they send for your client, so they set the return-path pointing to their servers. While the return-path may align (via a CNAME record on your clients DNS, e.g. newsletter. yourclient. com CNAME someserver. sendgrid. com) it will NOT match your client’s domain, and your client’s SPF record will not be checked for mails originating from SendGrid.
It is confusing (and IMO wrong) when ESPs recommend SPF includes that will never be used, maybe except for ‘domain verification’ during the sign-up process. Take a look at similar issues at You have a strict DMARC policy in place, but you have uncompliant sources and Mailchimp failing SPF
To get DMARC compliant mail from ESPs involves setting up DKIM signing in the ESP account admin panel, and authorising/publishing the signing keys in DNS.
