As a reminder: Echo user no-reply-notifications@wikipedia.org (or @mediawiki.org etc.) in the From: and Reply-To of its email notifications, while the true sender wiki@wikimedia.org is left to the internals of Received headers.
A user posted headers of a message caught by Yahoo! spam filters which shows they want DKIM headers for the domain in question (unlike SPF which checks wikimedia.org), so it should be added for all projects: wikipedia.org and mediawiki.org to start with, but also the others for future deployments.
Authentication-Results: mta1066.mail.gq1.yahoo.com from=wikipedia.org; domainkeys=neutral (no sig); from=wikipedia.org; dkim=neutral (no sig)
Version: unspecified
Severity: enhancement
See Also:
https://bugzilla.wikimedia.org/show_bug.cgi?id=52569
https://bugzilla.wikimedia.org/show_bug.cgi?id=58261