Amazon AWS recently added support for custom MAIL FROM domains in their Simple Email Service (SES). I have configured one for my domain as bounce.mydomain.com. I went through the wizard on the UI and it added some records to my domain in Route53, but when I check at http://dkimvalidator.com it tells me that my DKIM configuration is OK, but my SPF is not:
Result: none (No applicable sender policy available)
Result code: none
Local Explanation: mydomain.com: No applicable sender policy available
spf_header = Received-SPF: none (mydomain.com: No applicable sender policy available) receiver=ip-172-31-3-128.us-west-1.compute.internal; identity=mailfrom; envelope-from="myaddress#mydomain.com"; helo=a8-60.smtp-out.amazonses.com; client-ip=54.240.8.60
What else do I need to add (besides the records the wizard adds to Route53) to enable SPF for a custom MAIL FROM domain?
Related
My client is currently hosting his site on a shared GoDaddy hosting plan, an also his emails accounts. Question is... how can I migrate his website to Digital Ocean and keep the emails on GoDaddy?
I had an recently where I could not receive emails on my goDaddy account once I have moved the nameservers to DO. For anyone facing this issue, the below steps should fix it.
To migrate hosting from goDaddy to DO, follow the below link
https://www.digitalocean.com/community/tutorials/how-to-point-to-digitalocean-nameservers-from-common-domain-registrars
Once you have pointed nameserves, your traffic will be redirected to DO. Now if you want to use the email service provided by goDaddy, you will need to point your DO "MX" records back to godaddy.
First you will need to know the goDaddy incoming email server details. To obtain this, you will need to go to email server settings within your goDaddy Dashboard. The server details will look something like
Incoming server (IMAP):
imap.secureserver.net
Incoming server (POP3):
pop.secureserver.net
You will then need to add these details as MX Records in your Digital ocean domain DNS settings page. DO will then route emails to your goDaddy email service.
These details will take time to reflect. For me it took a day to start receiving emails on goDaddy.
Hope this helps!
Yes, you could just change your zone records to reflect what you want to do. Presumably you want to transfer the DNS zone to Digital Ocean and only keep the email at Godaddy.
In Godaddy's domain name manager you can change over to the Digital Ocean name servers.
ns1.digitalocean.com
ns2.digitalocean.com
ns3.digitalocean.com
Check things out:
dig ns example.com
and
whois example.com
The name servers should be the above DO name servers.
The only thing you need to point back at Godaddy will be Goddady's MX records. unless, of course, you're using Office 365 email, which a lot of Godaddy's customers seem to use, in which case lookup the appropriate MX records for Office 365.
I hope this helps.
This is possible, recently I did the same with Hostgator and GCP ( Mail service from webmail and app in Google Cloud ). These are the steps I followed.
1) Add new A record ( if possible/allowed add with name # ) in your
shared/hosting/cpanel service, and point it to your cloud providers
IP(the IP on which your app is running).
2) Add another A record with name www and point it to the IP of your
service running in the cloud.
3) Delete the CNAME record called mail.
4)Add new A record with name mail and point it to your cpanel /
webmail service providers IP.
5)Add MX record and point it to destination mail.yoursitename.tld and
set the priority as 0
By this point, you will be able to send mail.
6) Add SPF record ( TXT record ) or go to Authentication settings in
the Email section in your cpanel and enable SPF.
7)Go to Email Routing in the Email section in your cpanel and select
your domain then choose Local Mail Exchanger under Configure Email
Routing. That's it now you will be able to receive emails also.
Link to my original answer
I have read the Sparkpost documentation and have followed step by step... and waiting for my account to be verified ... Unfortunately, my account has been blocked without I know what is the reason ... Then I try to find the solution on the sparkpost website. ..Then I find this link that explains the reasons why the sparkpost account is blocked ... https://www.sparkpost.com/docs/getting-started/requirements-for-sending-domains/
3 Reasons:
You must own or have administrative access to your domain
An A record or MX record in DNS must exist for your domain
The organizational domain can not be used across more than one SparkPost account ..
Then I just know my DNS settings for my Freenom domain does not have MX type ... But I do not know how to get a free mail server ... I do not know how to setup MX in DNS settings ... I'm confused ... Can anyone tell me what should i do?
Note: I use 000webhost.com
DNS Settings for my Freenom domain
According to here: 000webhost modify MX record and here
This is what those links say:
You can change the MX records your domain by navigating to cPanel and selecting 'Modify MX Record'. To have the ability to create or modify other DNS records such as CNAME or A record, you need to upgrade your account. Full DNS management is not included with free web hosting accounts.
Panel > Set web address > your-domain > Manage > Modify MX records
I would like to ask if its possible to retain the email of my domain to godaddy and is hosted in gmail but the hosting is in different provider like namecheap. I know how to point the nameserver of namecheap to godaddy but my problem is with the email
Assuming I understand correctly, you are using Google Apps For Mail. If so, you may simply host your domain name with Namecheap and then set up Google MX records for your domain name. This way you will have your domain hosted with Namecheap and mail service handled by Gmail. No need to include GoDaddy into this chain.
You may find MX records here: https://support.google.com/a/answer/33915?hl=en
These MX records should be set up in your cPanel (if you have a hosting plan) or at the Advanced DNS page of your Namecheap account (if you are using Namecheap's Premium or Basic DNS).
When messing around with different mail hosting options I noticed a very aggravating pattern with my Android phone. Neither the built-in mail app nor the gmail app supported email auto-configuration.
When using most mail services such as Namecheap, Zoho, Rackspace, etc. this became a real issue. I would enter my email address and password then instead of it just working like magic, it would invariably fail as it attempted to set the mail server to mail.example.com instead of mail.privateemail.com or smtp.zoho.com
I can configure a CNAME entry for my domain to redirect to these servers and successfully connect to mail.example.com.... up until I try to enable secure e-mail (STARTTLS or TLS wrapper). When I do this the domain name on the certificate does not match up to the domain name I am using to access and the whole thing fails.
Of course setting up my own mail server could be an option, but it could take months or years for my IP address to build up enough reputation to not get auto-blocked by major providers like Gmail or Yahoo. This whole past month DreamHost has been unable to send emails to any address owned by AT&T, which has been nightmarish to get resolved. Not wanting an issue like that, I would like to go with a big name for e-mail hosting.
While looking into Amazon SES to see if it would be easy to set up, I noticed this page on secure tunnels to AWS SES
I'm not super familiar with mail servers and I honestly have no idea what I'm reading on this page. Like I can follow the steps to install and configure this program and run it, but it doesn't accurately say what the purpose is of doing this. Am I right in believing that this might solve my SSL issue and allow me to send mail to mail.example.com without any issues? If so, is there any additional setup that I will require which is not adequately explained by this article?
We have a client with a website hosted on AWS and he is using Google apps to send notification emails. These emails are marked as spam/junk.
We have set an SPF record as per Google's documentation. Clicking on view messege source I found SPF:softfail. From what I understand, setting up reverse DNS/PTR record can also help, but we have 2 production instances behind an ELB and we're not sure how to set that up as it doesn't have a public IP.
This is how our Route53 setup looks:
example.com A ALIAS ***.elb.amazonaws.com.
example.com MX 1 ASPMX.L.GOOGLE.COM.
example.com TXT "v=spf1 include:_spf.google.com ~all"
mail.example.com CNAME ghs.googlehosted.com
Apparently, the client was sending all of his emails through local smtp without using Google Apps. I've added his IP to the SPF record temporarily until he moves the emails over to go through google. We have also set a DKIM record.
PTR records and ELBs had nothing to do with it.