I am amazed that popular travel businesses would put forward the effort to use a 3rd party mail service, make sure SPF and DKIM work and validate but fail to account for "alignment" of the domain used to send the message matching, so that once SPF and DKIM pass, DMARC could also pass.

I am also still annoyed that SPF macros exist in records which CANNOT be validated as remaining under the "10 DNS lookup limit" for SPF unless you have a sample email message and sometimes envelope/smtp-session data associated with the message, sometimes added as headers to a message.

As a result, SPF validators can only validate some SPF records for syntax, not compliance with RFC. (Validators cannot chase down macros unless they know the values of those macros.)