Authentication Bypass by Spoofing
OpenDMARC, when used with pypolicyd-spf, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field.
Advisories for Pypi/Pypolicyd-Spf package
2020