Thanks for giving it a look! Enforcing DMARC and strict SPF tend to screw up mailing lists and forwarding. I don't see how I can enable them without causing a lot of other problems for me and my users.
No arguments about my provider. Any tips on how to select a better one? I'm thinking someone who adds some friction to unblocking outbound port 25, e.g. Vultr, might be better.
DMARC shouldn't be an issue for mailing lists, as long as one of DKIM/SPF passes. Are you seeing reports of both DKIM and SPF failing for mailing lists you use?
Properly configured mailing lists shouldn't modify contents of emails causing DKIM to fail.
I personally use Linode and would recommend them. But basically any tier 1/2 provider, i.e. too big/popular to block, will do. However, I would avoid DigitalOcean per my experience due to them completely blocking SMTP on IPv6 in addition to badly implemented IPv6 support and seemingly subpar support.
No arguments about my provider. Any tips on how to select a better one? I'm thinking someone who adds some friction to unblocking outbound port 25, e.g. Vultr, might be better.