This question is a follow-up question to this one.
The problem is that my current E-Mail provider does not natively support DKIM-signing, but I need that DKIM feature to make certain API integrations regarding my emails (like sending emails from my payment service provider through my own domain).
The solution I'm starting to see, as long as my host does not DKIM-sign their outgoing emails, is to watch out for an email providing service that allows you to send emails in the name of your own domain including the DKIM-signature feature. Does such a service exist, via API call? I've no experience whatsoever in this area, and would be happy to know if such a setup potentially has a bad influence on delivery rates / other problems.
If the mail server signs using your domain and not theirs, and you post the matching public key in your DNS, it will all work fine. You do need to find a provider that lets you do that though, which they may do via CNAME records. Such services will often allow you to configure what the mail server does with your messages using additional params in an HTTP API, or via custom headers over SMTP, e.g. it might allow you to set a header like:
Sign-with-selector: myselector
Recommendations for services are off-limits for SO though.
Related
I have a web application that utilizes several CRM types of emails for notifications, appointment reminders, attachments for digital sales and such. My clients can use my own admin domain email account to send these emails (no-reply email), or they can provide credentials for using their own SMTP server or relay service so that any emails that are replied to are sent to them (vs a no-reply admin email).
However, I'd like to try for a 3rd option where I can create an email mailbox on my a domain like so:
client1#mydomain.com
client2#mydomain.com
...
And then I would apply a forwarding rule on each one to send any replies to their personal email accounts so they wouldn't have to have their own SMTP service.
Now I can do this using providers' interfaces, but I'd rather do it with an API so I'm not having to manually create mailboxes and setting forwarding rules.
Currently I'm using AWS SES for my domain emailing, but I've searched for hours and the "solution" to create mailboxes and create rules to forward are ridiculous.
Are there any other email providers out there that make this easier? I don't need anything fancy except the ability to create a bunch of email mailboxes via API (preferably with a high limit of mailboxes) and the ability to create the forwarding rules via API.
Or can anyone recommend a good email provider that allows for a lot of mailboxes and makes forwarding really easy (and of course cheap).
Like "cringe" GoDaddy Email or something similar??
After a lot of research, this procedure doesn't really make sense these days. There are a lot of relay email providers that make it easy to set up "Senders" so that emails can appear to come from any kind of email account (personal or domain based) for ease of use with applications
I'm currently running a SAAS application and mails are being sent from our application using Mailjet.
Some of the larger customers have been asking to allow the emails to be sent from their domain (e.g. info#largehotel.com) instead of our system (notifications#saasapp.com).
Are there any initial pointers I will need to look at? I'm guessing they will need to add our SPF records to their SPF records too and that they will need add a DKIM key that we generate for them to add to their records too? Then do some validation on them on the DNS level and mark them as validated?
I have some understanding to have customers run their own domain against our SAAS domain but a bit lost on the sending from their email domain requirement.
First, for the record, my SaaS platform does this (vía option 2b). It’s an e-commerce marketplace and I need the receipts to be sent from the email address of the product seller, not from me (the marketplace)
You have two(ish) options
Send email through your client’s mail servers (instead of mailjet)
Verify the client’s domain on your Mailjet (or similar email) service
option 1
With option 1, you’ll need to ask your client’s IT team to setup a username and password for you to access their SMTP server. This is essentially just like them creating an email account for you to use. This may seem like the easiest path available for you, but there are potential pitfalls and disadvantages:
Doing this, you will lose the mail open/click/bounce tracking functionality you get with mailjet; because you’ll be using the company’s SMTP server instead.
If you’re sending out as a fairly common email address (eg info#your-client.com) the client may already have that account active on their mail servers. That would allow them to receive replies into the existing infrastructure but make them wary of the security issues with sharing a password to their mail server with you.
You might find that they don’t even have the ability to give you a username and password. Modern mail services don’t allow for SMTP access (which is what your web app will need); and security conscious companies require 2 factor authentication on mail accounts (which your web app can’t answer)
Option 2
For this, you will need to ask their IT team to configure some DNS records to prove to mailjet, and to the email recipient, that you’re allowed to send on behalf of your client.
You did this for your own domain when you first setup mailjet. See https://app.mailjet.com/support/how-to-add-a-sender-address,96.htm for what this involves, but it’s a case of asking the client to configure a DNS record.
That tells mailjet that you’re allowed to send on behalf of that domain; but you’ll also want the client to adjust their SPF and DKIM records so as the recipient of the emails knows to trust Mailjet’s servers with emails sent from your client’s domain name. Normally, recipients only trust email sent from your client’s mail server (which you have as option 1) and distrust email sent from SAAS providers.
You will (or should) have done this on mailjet for your own domain already as well. https://app.mailjet.com/docs/spf-dkim-guide
So for this, you’ll need your client to setup 3 DNS records.
If you go this way, you could setup a separate Mailjet account which they and you have access to. That way they ca see their dashboard directly and feel a sense of ownership and security around it. But you won’t be able to markup the price of it 😜
Conclusion
How important is the tracking? If you can’t lose that you need to go with option 2.
How technically savvy is the client? Are they going to be able to have those DNS records changed? Are they going to be (rightly) security conscious around giving you an account on their main mail sever.
Option 2 would be my preference. You might need to hold their hand through the DNS setup so get it configured on Mailjet (And ask about SPF in here to make sure you get it right) so you can provide them with clear instructions of the specific 3 DNS records to create/update.
Whatever approach you take make sure you’re talking to the right people at your clients side soon. Their marketing team may be keen to do this with you, but if their IT feels left out of the conversation they will be difficult to get on board when you need them to make the changes. Us IT folk can be grumpy and obstinate 😀
your web app
This is going to need some adjustment. You probably already store your Mailjet credentials in a file or environment variables; these might need to move these to a dB table so you can relate credentials with specific accounts. But we’d need more info on the web app to be able to speak more to that side of the challenge.
option 2b
just as a note instead of a real suggestion. Be aware that some email service provers allow the sending verification part to be done by sending an email to someone on that domain (eg admin#yourclient.com) and then allowing sending vía the API if the recipient clicks on the approve link on that email. But, even with that setup you still need the client to configure SPF and DKIM on their DNS, so the extra one record isn’t a big ask. AWS’s SES allows for this. This works for me; but I have different requirements around deliver ability, and a large number of non-tech users (as opposed to your one or two big clients)
you can ask your client to generate programmatic(app key/password) user for email need to use for example info#largehotel.com and some other info like (host:gmail, protocol: smtp,...) all basic info needed then in your saas retrieve all this info to create object with client info that you stored before to send email for the target (from developer prospective non network engineering )
The SPF is the most important think to do. In most cases you have to be very careful about the IP reputation, but since you are using Mailjet it's up to them to manage this part.
Be attentive to the overall quality of the email, text/image ratio... Also offers a text body version of the content and dont forget the unsubscribe link. Since you already send emails with your service, I guess it's points are already correct.
I'm trying to understand a few concepts around sendgrid, whitelabeling and different servers that I plan to deploy the same sendgrid account in.
So my questions are:
1) Is whitelabelling purely for masking the via sendgrid.me and will I have any issues if I dont use it with my current setup(i.e. same account on several domains)
2) How does sendgrid deal with messages that have a "From" email that doesnt match the domain the email is sent from? Cause I read that it would silently drop them but instead I see that emails do get delivered however the statistics in sendgrid's dashboard are not being updated.
3) Upon creating a demo account I was asked to provide the domain from which the emails will be triggered but since I want to deploy this in several different domains will I need multiple accounts or is there an alternative option when you go for a paid plan?
Mike
Yes - whitelabelling will replace the sendgrid.me with your own domain.
You can also setup multiple domains inside SendGrid and assign each to a subuser. That will get you one SendGrid account, with multiple whitelabelled domains and separate sender reputation for each.
SendGrid will attempt delivery of whatever you ask it to send -- if you send an email with a different from domain than the signed sending domain, it's up to the receiving mail server to decide whether to block, flag as spam, or allow the email. Different receiving domains will behave differently.
It's generally best practice to always have your from domain match your signed sender domain.
Once you have one domain setup, you can setup additional domains using SendGrid subusers -- more info here.
If you have a complicated multi-domain setup, you might want to check out a templating API, like sendwithus, for making things easier to manage. They'll integrate directly with your SendGrid subusers on your behalf.
For a project I need to setup either a mail server (like Open X-change, Kolab) or I can use email service as Saas from providers like Mailgun, Sendgrid etc. But my prime requirements are:
Create new email addresses using (Rest) API or any other API programmatically.
Ability to create huge number of email ids (more than 10,000)
I have researched and found some like mailgun provides facility of sending / receiving messages through APIs. But nothing was mentioned about creating new email ids using APIs.
Does anyone know any mail server / SaaS which provides the aforementioned facilities?
To have a mail id, you need to be able to accept messages at that location, which would be a full mail service such as Gmail.
If you just need to send "as" addresses, you can use an SMTP service such as SendGrid. You'd just need to make sure the domain is legitimate and can receive mail, and that you set the Reply-To value to something that you can accept mail at.
In our SaaS application each company (tenant) is given their custom domain like companyName.ourapp.com
We would like to provide some email services like:
Ability to send and receive email notifications from info#companyName.ourapp.com and similar addresses
Ability to create new email accounts in clients' subdamains at runtime, programmatically, when needed. For example we would have separate emails created for each "opening" so that emails sent to this address would be parsed info would be extracted
Similar tasks
For now I just don't even know on where to look and how this could possibly work.
As far as I understand email it should be some kind of custom mail server (SMTP) serving all sub-domains and having API we can use to send emails, list and retrieve messages etc.
Please suggest how it may work and is there any components out there we can use to implement this.
There are three options for this.
Create an email server and programatically configure it to accept or deny the specific accounts. Then use cron to poll via pop3 or imap and download the messages for the account. You can then send them on for the customer or handle them in your web app.
Create a script that is fired by the email server as it receives each email. The script can then handle what to do with the email as it's received.
Use a third party to receive the email via HTTP Post at your app. Using CloudMailin for example would allow you to create a custom authorization filter that would call your app in realtime and determine if the given account exists and messages should be accepted for it.
I wrote a blog post for Rails about receiving incoming email, however the principals would apply to any programming language and framework.