He of course meant the From: MIME sender. This can fail in a SPF check if identity aligment is set to strict.

Rewriting the From: heasder is one way to solve it, another way which preserves the original message in full, is to encapsulate the original message ina new message/rfc822 container where the new outer container, does have the rewritten details.

Från: dovecot-bounces@dovecot.org <dovecot-bounces@dovecot.org> För Scott Q.
Skickat: den 25 oktober 2020 17:02
Till: Marc Roos <m.roos@f1-outsourcing.eu>; dovecot <dovecot@dovecot.org>
Ämne: Re: forwarding email with sieve of spf domains

There's no ambiguity here, if you send a message, you are the sender. The envelope from should be yours.

On Sunday, 25/10/2020 at 11:48 Marc Roos wrote:

Say someone has setup spf for his domain and sends an email to a user
that has in roundcube enabled the sieve forward. If the message is
forwarded without altering the message headers, this could result in a
message being blocked or not relayed, because sending hosts ip, is not
in the spf of the from: domain.

Possible solutions are:

- add option if enabled, it replaces the From: with that of the email
address of the sieve user. (Maybe move the original sender to the
Reply-To header? Maybe exception for 'internal' forward?)
- Upon processing the message, check the spf records, if they are
enforced, do the above, otherwise do nothing.

https://tools.ietf.org/html/rfc5228#section-4.2