G-Suite: keep google drive while leaving emails - google-apps

I registered G-Suite free long ago for my domain. We use Google Drive for file sharing and emails under that domain. Recently Google seems forcing me to upgrade to their pay plan. They list some of our key emails to spam list so that those email can't send mail to group. It also list some of our partners emails to spam list so that they can't send mail to email group under our domain.
Google suggests that in order to manage spam list sending to a group under domain, we have to upgrade to a pay plan.
As we have many users, the pay plan will be too expensive. So I'm thinking to run my own mail server, however still want to use google drive for file sharing within users in domains.
I would like to ask if there will be any issue if I change MX records to my own email server and keep using G-Suite free for file sharing with google drive ?!
Thanks,
Klab

The answer to your question is "it depends". Your split brain approach absolutely does work. We have exactly that configuration where we have some MX records going to on-prem, some going to gmail AND THEN to on-prem and some going only to gmail. The mails flow well and users get their email. The reason that I say "it depends" is that it depends on what you mean by issue. There's no issue with mail delivery, but there are issues with management. For example ideally you will have domainA.com for your email and domainB.com for your Gsuite and keep them separate: you don't have to do this obviously, but I wish we had. If you must have only domainA.com with domainA registered as your GoogleID but not with your MX record it will work, but it will probably end up with a headache when you get a problem in two years when userX's emails don't arrive and you have to track through where they go. That may not be an issue for you, but if you end up with 100 sub domains and 100K users then it's irritating to say the least.
You have other options with GSuite Enterprise and I assume Free, you can route all your inbound emails from a mail gateway see the docs so you can have both. Your inbound mails hit your Exchange server which then forwards to GSuite, or you can set up mail routes doc to forward all your inbound emails to your Exchange server, so you keep your MX record as Google and then your forward those mails to Exchange, then you reply from Exchange and the recipient replies back to Google. We do that too. It does work, insofar that the mail is delivered but it gets confusing to debug issues. But if you must have only one domain and you have to split up users then it's one approach.
You also configure a non-Gmail mailbox see doc which routes all your messages to, say, Exchange.
However, before you do, I'd look more into the Gsuite anti-spam features. You can customise some of the Google spam filtering. See doc . You can't customise all of it: we have had hangouts with the Google spam team who (eventually) explained some of their internal workings and there are some spam messages that you simply can't get delivered because the spam filter is applied before the GSuite level. Most business-type spam, rather than the nasty malware or "adult" spam, though is managed at the Gsuite level and you can disable it by domain if you wish. Differentiating between what Google thinks is spam and what the business thinks is spam still crops up for us from time-to-time.
To address your core issue of spam emails not being delivered to your group, I do not know about the free tier: we have the Enterprise tier, but on the assumption that the Groups configuration is the same (which it may not be but if it is) you can configure message moderation docs for a group. You can set "spam messages" to "skip the moderation queues". We have done that where, as with you, legitimate mails get classed as spam because they come from, say, automated services. We have also in cases removed the "archive" ability so the group is really only a mail distribution list and that bypassed the moderation for us.
I enclose a screenshot of the Enterprise Groups moderation options page from the control panel so you can see what we get in Enterprise and if it's different from what you get in Free Tier

Related

Gmail Spam Issue - How to properly setup DKIM & DMARC

I've created an automated script that generates a custom HTML email using PHPMailer within PHP and sends it, from my custom domain email account, to whatever recipient.
The emails are all litmus tested and render perfectly in all clients, hold no comments whatsoever, no strings that seem to be spammy, all good. My domain is also not on any blacklist, etc.
The e-mails first pretty much dropped into the spam for every recipient.
I went back to my hosting service then, and they recommended me to create an SPF - record in the DNS zone of the domain of my e-mail.
This drastically improved the non-spam delivery rate of my emails.
Still, some clients still receive the emails of our company in their junk folder. I ran a spam-test using email on ACID, and all tests were passed, including SPF - record verifications, etc.
The only warnings that showed up were, guess what, that for outlook.com and gmail.com, the emails eventually drop into the spam folder (without telling why) which is obviously a big problem.
And indeed, the only clients still complaining about the spam troubles are indeed gmail users, mainly.
I then came across this very interesting post, and learned that google recommends the setup of all, SPF, DKIM and DMARC.
I first of all included the include:_spf.google.com part in my SPF record, but when it comes to DKIM, I'm stuck.
I'm confused if, to have a working DKIM - register within the DNS of your domain, you actually need to have a Google Workspace account? Because apparently you can only create a DKIM Key within that Workspace account, and I'm worried that this will may expire after my 14-trial period of the Workspace account, and rather further damage my email domain reputation instead of actually improving it.
Or am I misunderstanding things, and there's a different solution to setup a DKIM (and then also DMARC) for a given mail client like gmail for a domain? I'm asking because I have no experience whatsoever in setting up DKIM.
In order to set up DKIM from the Admin console you definitely need to have a Google Workspace account. Using a Cloud Identity free subscription would not work as you are not going to have access to services like Gmail.
To simply generate the key from the Admin console you need the right subscription with access to Gmail, which is only available in Google Workspace subscriptions.
It will most likely stop working after your subscription expires since it is linked to the Admin console from the Google Workspace account where it was generated and once the subscription gets suspended everything stops working.

How do deliver marketing emails to Gmail without ending up in spam?

I have a question about the email deliverability to primarily Gmail and to some extent, Yahoo and Outlook email users. It’s a bit long since I’d like to lay down what I’ve done and tried so far, so please bear with me.
The Issue: Our marketing emails (in newsletter format, in hotel industry) using several email IaaS and PaaS are ending up in spam for Gmail users. About 10% will receive in Promotions tab.
The Providers: Here are the email IaaS and PaaS services I have been trying so far.
SendGrid (we are using their email API)
SparkPost
Mailgun
ElasticEmail
With each platform:
I’ve tried both our own dedicated IP addresses AND the platforms’ shared IPs.
New domains that haven’t been used to send emails
Changed contents of the email completely, including the HTML code (by designing new ones, just in case it’s an issue)
DKIM, SPF and all are setup correctly for each domains we used
I’ve checked all the domains and IPs (both dedicated and shared) against known blacklists and spams using MXTools and such. Everything is okay.
We also checked the emails we’re sending using:
www.isnotspam.com
www.mail-tester.com
Both are recommended by SendGrid. We score highly on both, and according to the analysis results from both, our emails are not considered spam.
We’d also checked our domains and all IPs (both dedicated and shared, from any platforms we mentioned above) using SenderScore. Everything is fine here too.
For dedicated IPs, we did the warm up too. But the issue is, even if we are sending just 1-10 emails for testing and warm up, they do end up in Spam. We aren’t even sending to anyone unsolicited. In fact, just for testing purposes, we are sending emails to multiple email addresses owned by our internal team.
I’d talked at length with support team from SendGrid. After checking everything they could think of, they also stated that they can’t find anything amiss with our configs, settings, IP and domain reputation and their own infrastucture.
So what gives? I am really out of idea. Please help!
Thanks.

SendGrid Emails Getting Rejected as Spam

I'm making a user management system for my app, and I need to send users a "forgot my password" email with a token that lets them reset their account password. I signed up for SendGrid through Azure (to get the 25,000 emails per month free, which sounded like a great deal) and wrote some code to use it, but after testing my program a bit I was dismayed to find that only a couple of my emails actually went through.
After going onto the SG control panel, I found that 4 out of the 6 test emails I sent went through, and all of the others were rejected as being spam. I sent an email to mail-tester.com to see what it though my spam score was and it gave me a 4.3/10.
The email in question was a single sentence with a link to the password reset, without any images or other elements. I only sent those 6 emails out, so the volume of my emails definitely wasn't the issue. Still, I'm very puzzled as to why my messages are getting flagged as spam.
Without going to the trouble of making an elaborate authentication setup, are there any basic changes I can make to my system to make it get through to users?
In this case it's most likely because you are sending such a short message, with a link to 'reset your password' from a non-whitelabelled email address (the email address you're sending from cannot be verified against the actual domain), and the link may also be a different URL. It's probably getting pulled up as a potential phishing email.
You can rectify this by white labeling your domain and email links via the SendGrid dashboard, it's easy to do and should improve your deliverability.
Also check out this article from the SendGrid support team about White Labeling.
A question from 2015 which is sadly still relevant today as usage of SendGrid increases.
My organization has blocked all SendGrid mails except for those on the paid tier using fixed IP addresses with resolvable public DNS names (such as sendgrid1.sampledomain.tld) which we then whitelist.
There are now far too many domain impersonation, phishing and other spam mails coming in from SendGrid for us to allow everything from them - roughly 10 000 mails over a seven day period, which is far too many to manually report to SendGrids abuse department.
So my answer would be that switching to the paid tier of SendGrid is the better option if you like a better chance of your mails arriving intact at their destination.
I receive only Spam Mails from Sendgrid.
Goes direct to Spam folder and try to report Sendgrid everywhere I can. Maybe they get blocked by most mail servers and make them think about their policy in "hosting" all these Spammers.
In my case my emails are marked as spam because of the anchor label different to the href being actually called.
And that's because of the 'click tracking' setting of sendgrid.
So, if you have something like
yourdomain.com
sendgrid may replace the href and you end up with something like:
yourdomain.com
The sendgrid page being called tracks the click and then redirects the user to the url you originally set. But this sometimes results in your email being marked as spam.
Try to set 'click tracking' in sendgrid dashboard to off: settings | tracking | click tracking.
details here: https://sendgrid.com/docs/ui/account-and-settings/tracking/
Always start by setting up Domain Authentication, formerly known as domain whitelabel as #MartynDavies says. Found under Settings -> Sender Authentication in the UI. Should look like this:
https://sendgrid.com/docs/ui/account-and-settings/how-to-set-up-domain-authentication/
To identify problems have a look at Activity and choose to see deferred, drops, bounces, blocks and spam reports.
https://app.sendgrid.com/email_activity
Under Suppressions you can see details for Blocks and Bounces among others:
https://app.sendgrid.com/suppressions/blocks
https://app.sendgrid.com/suppressions/bounces
There you can see errors like:
550 5.7.1 SPF check failed. em1234.mydomain.com does not declare 11.222.33.44 as a valid sender
If it says Verified but you see errors like this then contact SendGrid support.
One thing that has worked is to upgrade from the Free plan to Essentials or Bronze via the Azure Portal. This made a lot of the emails marked as spam pass through.
I had a similar issue when trying to send a user verification email using SendGrid.
In my case, using a custom domain as the sender identity solved the issue.
Make sure to also verify the domain before using it.

How to avoid marked as spam by Gmail on sending mass email?

I created event registration web sites (you can imagine something like http://www.eventbrite.com/), which allow users to subscribe for event updates. When subscribed, we send mass emails (with the same content) to those users.
It was ok before, but recently I noticed that GMail always put the email into Spam folder.
As any texts would always go to Spam folder, I suspect that my domain was blacklisted by Gmail.
1) Is there a way to request google to put my domain into the whitelist?
2) Let's say it can't and I decide to register for new domain.
Is there a way to avoid the mass email to be marked as spam by Gmail? (may be something like what Facebook email notification do?)
Yes, don't send mass email :-) If you really want to avoid being considered a spammer, send out emails with less recipients, and don't swamp the mail server with them. Let's say, for example, you have thirty recipients for a given update. You can send out emails with one recipient every minute for a half hour.
Now the numbers may be different (and will of course depend on the success of your site) but the basic theory will stand up for quite a while.
As to how to get yourself whitelisted in GMail, that's really up to the recipient. They can usually do it by simply adding your email address to their contact list.
Keep in mind whitelisting there refers to individual GMail accounts, GMail itself does not whitelist IP addresses.
It does blacklist them if you misbehave but that generally means you get delivery rejects when trying to send. The fact that your messages are going in to the mail system and being delivered to spam folders indicates that this is an account-based thing, not a global GMail blacklisting of your IP/domain.
In any case, the place to report problems for GMail delivery problems is here.
As a school, we send out mass emails to our parents about events and issues. There's no way we have the time to spend sending out one email per minute. What we did was sign up with AOL as a business account, and we are allowed to do "bulk mailings" until they get multiple complaints. However, gmail clients usually have to list us as a valid sender or else those emails end up in spam folders. Works the same for clients using college alumni accounts from edu addresses. Gmail is the only one who regularly gives us this problem for our recipients on their email servers. We let parents know at orientation that they will have to specifically admit our emails via some setting on gmail.

how to get through spam filters?

I sent 3 emails last week as replies from our website. None received them! One was yahoo, hotmail and an overseas domain. I am wondering if it's not a good idea to open a yahoo account with our domain name as the user just to reply to prospective buyers.
Your mail server's IP may have been black listed. This is common on shared servers.
http://www.mxtoolbox.com/blacklists.aspx
First, check dnsbl.info to see if your mailserver's IP is blocked by any of the blacklists. If they are, contact the blacklist administrator to investigate removing the block.
If your email is business critical, then you need to get a dedicated server with a white-hat hosting company, control over DNS to set up your SPF/SenderID record, and to register with the Hotmail, AOL and Yahoo postmasters for whitelisting and feedback loops. Most of these will only accept requests for dedicated servers, where you have 100% control over the email they send.
If you are using an online contact form, make people double-enter their email address and check the entries match - otherwise you'll have no end of typos, which are naturally undeliverable and frustrating for both you and your customers.
You could also try looking at gmail for domains. It's what I use and so far I haven't had a problem withany spam filters. Also make sure that you are not writing the content of the message to where a spam filter could flag it as spam. There's some guides on the net somewhere. I found out that by removing the word "free" from the message the emails started going though (before I was on gmail).