Google have recently got a lot tighter with enforcement of Sender Policy Framework (SPF). This is an anti-spam measure that essentially breaks mail forwarding. SPF allows the owner of a domain (e.g. sender.com) to publicly list the mail servers that are allowed to send mail from that domain. If you receive mail to your domain and then forward it on to Google, it will fail an SPF check because it appears to come from your forwarding mail server, rather than the sender.com mail server.
Google recently started treating mail from any domain that doesn’t have an SPF record as “untrusted”, and I suspect may be even more brutal with mail that actively fails an SPF check.
There is a way round it, which is Sender Rewriting Scheme, which as the name suggests, rewrites the sender address of an email at the point that it is forwarded, so that it appears to come from a domain for which the forwarding server is permitted to send from. We’ve recently started deploying this for our customers as without it, mail forwarding is getting increasingly unreliable due to SPF enforcement.
WTF is a catch-all email forwarder?
Something forwards anyaddress@yourdomain.com to another address. We generally advise against them, as spammers will often make up random addresses within a domain in the hope that they exist. What can be very useful is a wildcard address, so as well as having myname@mydomain.com, I can also have myname-anythingatall@mydomain.com. When I sign up to a website, I give an email address like myname-sitename@mydomain.com, so if I start receiving spam I know who leaked my address, and I can simply blackhole that address.