Capable of generating DMARC compliant email for others? yes
Capable of signing email with DKIM for others? yes
Capable of sending SPF compliant email for others? yes
Notes on Capabilities
DMARC: SFDC is capable of sending DMARC compliant email for its customers. Note that emails with an envelope address of 'mta.salesforce.com' are usually bounces from autoresponders that are then forwarded on. Be aware that Salesforce allows customers to publish Salesforce-hosted support portals, and that users of the support portals (customers of Salesforce customers) can have their own email domains spoofed by the Salesforce portal. If these users publish a DMARC policy, the Salesforce-originated email will be impacted by the users DMARC policy.
SPF: See https://help.salesforce.com/apex/HTViewSolution?id=000232181 Note, you'll need to Turn OFF 'Enable compliance with standard email security mechanisms', Turn OFF 'Enable Sender ID compliance', and Turn OFF 'Bounce Management'.
When deploying DMARC, domain owners often find new sources of email.
Domain owners then wonder if the source is capable of sending DMARC compliant email.
This directory contains information on the capabilities of various sources of email.