The redacted screenshot at https://nxdomain.no/~peter/blogpix/likely_suspicious.jpg indicates that the sending server used an IPv6 address that ends with the digits 19. The SPF record for bsdly.net includes two IPv6 addresses, neither of them ends with 19. It also includes some more things, up to three layers of indirection so I'm not sure I checked everything, but I didn't see …19 anywhere.

I suspect that what we have here is a misconfiguration at bsdly.net and perhaps a poorly chosen error message at gmail.

If you publish SPF and DKIM and people penalise you for being able to detect fraud in your origin, then indeed as this article says, they simply do not understand email.

This is an invitation to send that mailer literally millions of forged mails in a domain, to wreck their mail delivery. It's an open third party damage hole surely?