Mail chimp offers three levels of authentication when doing email campaigns.
Manual Authentication
No Authentication
Auto Authentication
From what I understand Manual Authentication is when you set up your own SPF/DKIM records on your DNS.
No Authentication is when no body sets up anything, and I'm pretty sure deliverability goes way down.
The Auto Authentication is what I am curious about. All they do is require the person sending the email to approve that their email address is ok to send from with a validation email. I'm done research, and I can't figure out how mail chimp and other people do this auto-authentication.
Is there any service out there, or would we have to set up our own email servers to accomplish something like this.
Also what kind of effect on deliverability is the "auto" authentication.
Mailchimp is able to automatically attach authentication to your email campaigns without you setting up explicit approval on your server because if you look at the headers of the email when you send it, they are never really affiliating with your server. It will appear as though your campaign was sent from:
you#yoursite.com
But if you look closely at the headers of the email you will find something similar to FROM:
From: =?utf-8?Q?you?=you#yoursite.com
And the sender will say something like:
you=yoursite.com#mail94.us2.mcsv.net
So all of the authentication is set up by Mailchimp on Mailchimp's own outbound SMTP servers, there is never really any interaction with your server.. yoursite.com.
Further:
Mailchimp - Email Delivery for IT Professionals
Mandrill API Documentation - Subaccounts
Related
I'd like to send emails programmatically via SendGrid (from admin#mydomain.example.com), but have replies to that email come to my Google Workspaces inbox for admin#mydomain.example.com). I would then like to reply to the customer from Google Workspaces.
The closest question related to this I could find is Setup | G Suite + Sendgrid for transactional email, but that was a fairly different use-case.
So in my usecase, emails to the customer would come from admin#mydomain.example.com via EITHER SendGrid or Google Workspaces.
Here's a article from MailGun that talks about a similiar pattern
My questions:
Will this result in deliverability issues, having emails sometimes come with different signing keys/domains? I don't understand email signing particularly well.
Is there anyway to have replies to the email address go to BOTH SendGrid and Google Workspaces, so I'll have it in my inbox but can also get it posted to a webhook by SendGrid? I think the answer is no, but figured I'd ask.
Any other considerations I should keep in mind for this strategy? Is this a poor idea for some reason?
Thanks!
Yes, this will result in deliverability issues. You should use the same domain for both sending and receiving.
No, you can't have replies go to both. You can have replies go to a webhook, but you can't have them go to both a webhook and a mailbox.
Final consideration: This is a poor idea. You should use the same domain for both sending and receiving. If you want to use SendGrid, you should use SendGrid for both sending and receiving. If you want to use Google Workspaces, you should use Google Workspaces for both sending and receiving. You can't use both at the same time.
Another consideration: If you're sending a lot of emails, you might get flagged as a spammer if you're sending from multiple domains.
The company I work for does something similar that might be helpful for your scenario.
We have a number of systems that send emails via SendGrid e.g. Auth0, Salesforce, various bespoke systems, etc. Some of these use native integrations to SendGrid, some use SMTP relaying, and others send emails programatically via the SendGrid API.
We've implemented sender auth (i.e. DKIM) in SendGrid for our domain e.g. mydomain.example.com, but we don't handle replies in SendGrid as we want replies to go to a different system - specifically our contact center system (which is the main systems our help desk staff use). Help desk staff would then reply to emails from within the contact center system. Note: we needed to configure DKIM for both SendGrid as well as the contact center system (as both currently send emails from mydomain.example.com), but in the future the intent was to implement a SMTP relay in the contact center system (to SendGrid) so that all sending goes through SendGrid.
I'm a bit fuzzy on the fine-grained implementation details of how we handle replies, but essentially we point the (single) MX record for mydomain.example.com to a third-party email protection system which scans the emails and forwards them to Office 365 mailboxes which subsequently forwards them to our contact centre system. I believe Office 365 is really only there for email posterity. AFAIK you should be able to point the MX record to anything that can handle SMTP.
In your scenario you should be able to configure the MX record for the mydomain.example.com domain to point at your Google Workspaces. This will allow you to send emails from SendGrid and use Google Workspaces to handle the sending and receiving of replies.
Not sure if you can configure SMTP relaying in Google Workspaces (i.e. to relay through SendGrid), but this would mean you'd only need to configure DKIM for SendGrid. All emails would be sent by SendGrid and replies would be go to Google Workspaces.
I am using mailgun.com for occassional mass-mailings. Would it be possible to also use it for sending personal emails from me and my wife? The specific problem is that email errors (e.g. "Recipient not found on the server") are only available in the mailgun console and I'd like for them to be received as an error emails sent back to the sender (as is the case with "standard" personal email services). Is it possible to set this up at mailgun.com?
Alternatively, is there a cheap (or even free) SMTP server available for sending emails from the custom domain I own?
(Note that RECEIVING emails to our domain is not a problem, we have that solved using email redirection on my domain.)
Detailed explanation of our setup and reasoning: Behind the scenes, we are both using personail gmail accounts (e.g. me#gmail.com and wife#gmail.com) but we don't advertise these anywhere and our "public" email addresses are me#mydomain.com and wife#mydomain.com. Mydomain.com uses Cloudflare email redirection to redirect our incoming emails back to our Gmail inboxes. We used "Send mail as" GMail feature to send emails as "me#mydomain.com" and "wife#mydomain.com" through smtp.gmail.com but this solution requires us to have "Less secure apps" enabled on our Google accounts and Google seems to be phasing this solution out. The fact that our "real" Gmail addresses are visible in the email headers is not a problem for us.
Originally, we've used free "legacy" Google Workspace accounts on mydomain.com but those are now also being phased out by Google. So we are looking for a SMTP server.
Answering my own question:
I have found that smtp2go.com (which provides very similar services to mailgun.com) provides this option. Your SMTP account can be configured (in the "Advanced" tab) so that bounced email reports are delivered back to the sender's mailbox (or to different mailbox). Additionally, smtp2go's services are free if you send less than 1000 emails monthly so this seems like perfect solution to my problem.
(Disclaimer I'm fairly new to development in general and this is my first StackOverflow post all and any feedback is greatly appreciated.)
I'm posting here because I'm on a free SendGrid account and their support team has yet to get back to respond and it's been over a week and I'm dying to solve this issue.
Currently, I'm using Sendgrid as an SMTP and recently my emails have stopped sending to the following esp Yahoo, AOL, and Verizon.net but emails send to Gmail just fine.
Because emails still send to Gmail I used "Email Header Analyzer" via mxtoolbox.com to review and meet the recommendations provided. Which I have implemented on. (See screenshot)
The only thing not checked off is the "DKIM Authenticated" in which it's my understanding that when you verify the domain you're using to send emails with SendGrid takes care of that for you.
It's not the email function itself because it sends just fine to Gmail.
My question is has anyone else experienced this issue? If so what was the fix you did that made it work?
Screenshot of my email header analyzer results:
Turns out that my SendGrid account was over the daily email sending limit for the "free plan" and the emails that were sent correctly to Gmail had been doing so because of a pre-existing mail function (not using SendGrid even though SendGrid was still logging these emails).
I figured out this was happening by looking at the "mailed-by:" info when you toggle the drop-down above the email just under the sender email address. Mailed-ByView With SendGrid it would say "mail-by: sendgird.net" SendGird-Mailed-ByView
It would have been nice if SendGrid made my sending limit information a little more apparent but you can find this information about your account by going to "Settings">"Account Details">"Your Products." YourProductsView
I have a server on OVH and I'm trying to send some mail to my Gmail address using sendmail.
I installed sendmail with apt-get on debian, and echo "Subject: test" | /usr/sbin/sendmail -v mymail#gmail.com works. However Gmail puts the mail in the spam folder and says the mail is not authenticated.
I have no knowledge of how email works and from what I've seen I could use SPF or DKIM to provide authentication, but it seems it requires admin access to ovh DNS servers.
What would be the easiest way, using only admin access to the server that sends mails, to make sure emails sent from it are not marked as spam ?
Thanks
There are no easy way. That's the simple answer.
Google Mail is fighting spam every second, every day, all year. To get mail delivered directly to the inbox requires time and patience and there are no shortcuts. If there where, spammers would have it way to easy!
You are very correct that Google's SMTP servers will ask you to beef up your SMTP mail headers to include better authentication and security. There's no way around it if you want to be on good terms with Google's SMTP servers.
Here is a list of things to consider
SPF (Must have, also to defend spam sent in your name)
DKIM (Must have, this is somewhat a step up from SPF)
ESMTP (Google likes it when you talk to them encrypted)
Bulk headers (Use them if it's bulk, no reason to lie!)
Unsubscribe headers (Use them if you are sending out maillist content)
SMTP relay's with nice Senderscores (Easy access to the inbox, but cost)
SMTP relay's with good reputation (Easy access to the inbox, but cost)
Feedback loop headers/setup (If you send large amount of mails)
Only use "warmed up" SMTP relay servers (Mostly used by bulk senders)
Reverse DNS to match HELO/HELO (Mismatch can make problems)
Static IP (It's a given)
As you can see it's no simple task to "just" send an email to Google and expect it to be passed along to the users Inbox without getting targeted as spam.
Most of the options above requires extensive server knowlagde or that your hosting provider supports it. You need to have access to change your own DNS records but also the SMTP server that you send your mail from needs to be setup with the things in advance.
Now to the:
"How to send emails to Google Mail that always land in the inbox for dummies"
Well you basically buy your way into the inbox. Use SMTP services like Mailchimp, Amazon AWS-SMS (Simple Mail Service) many if not all of these services have already setup DKIM, SPF and are on good terms with Google. They do however have many rules and what and what not to do so if you don't follow the rules they will close your account right away.
Does anyone know if you can hide or modify some of the header fields from the sent email via the Gmail web interface?
such as:
X-Gmail-Original-Message-ID: xxxxxxxxxxxx#mail.gmail.com
Message-ID: xxxxxxxxxxxxx#mail.gmail.com
My idea would be to completely fake (hide the fact) that the said email was sent from the Gmail web interface. The goal of that would be simple - use Gmail even if the company you work for, does not allow it.
Perhaps there is a Gmail extension for that?
AFAIK, you can only change the from email when sending email from Gmail. Take a look at Send emails from a different address or alias.
Also, there are techniques to really find out where an email came from; forging email headers and/or spoofing emails is something that spammers do and will get your IP address blacklisted by your ISP.
You can also check How can I find out where an email really came from?. The headers can also be put in SpamCop and let them do the trace work with an option of sending a SPAM notice to the responsible sysadmin.