I am using the SendGrid for receiving the emails from my domain (example.com). I have configured all the steps from the mentioned link Sendgrid Inbound Parse Webhook.
I have added all the name records(MX records and CNAMES) in the GoDaddy DNS records against my domain.
The issue is when I send an email to hello#example.com. When an email is sent to this email-id there is no mail delivery failure report. There is no any statistics for the SendGird console about the webhook got triggered.
I am not able to figure out what went wrong in this process. As emails in the sendgrid webhook are not received.
I think they are lost in between.
I found the documentation to be insufficient in this area. You need to send to the subdomain, listed in your MX record, which redirects mail to sendgrid.
For example, if you add a MX record for email.example.com, you need to send the email to user#email.example.com.
One of the best ways to test if a 3rd party Web API post is being triggered or not is by using a tool that receives posts and provides visibility to the data sent along with the post (e.g. Headers, parameters, and the related data in json, text, etc).
One of the tools that I have used to test if a post is being triggered or not is offered by: https://requestbin.fullcontact.com/. Take these steps to set-up your testing environment:
(note: I am not associated with the requestbin.fullcontact.com resource - I am just an enthusiastic fan of this very useful service).
Go to requestbin and "Create a RequestBin". This will create your own unique requestbin URL. (e.g. https://requestbin.fullcontact.com/xxxxx)
Copy this URL, and paste it into your SendGrid Inbound Parse "Destination URL".
Keep your testing environment simple initially by NOT checking the "Additional Options" (Check incoming emails for spam & Post the raw...).
Be sure you do not enter a 'Subdomain' in the SendGrid Inbound Parse "Receiving Domain" unless you are expecting users to use the subdomain as part of your email address.
Re: #3, same applies to your DNS at GoDaddy. Your email should also not reflect a 'subdomain' as part of your MX record (e.g. you should not use mail.example.com).
Click "Add".
Now, send an email to your domain (e.g. info#example.com).
Check your requestbin to see if a post was made by using your unique requestbin URL, appended with "?inspect" (e.g. https://requestbin.fullcontact.com/xxxxx?inspect).
Result: You should see post information when viewing your 'inspect' URL.
Using this first step of a diagnostic process to test your usage of SendGrid's Inbound Parse should help expose potential problems in your configuration (e.g. DNS set up would be the next area to look at if no post data is being received in the requestbin inspect URL). Good luck.
Related
I don't have any technical problems, but I have a question that I would like to be answered out of curiosity.
Here is my current understanding of how email works:
One of the privileges of having your own domain is that you can hook it up to IMAP/POP3/SMTP servers and use them to send and receive messages to and from "anyone#yourdomain.com". With spam being such a problem, however, the SMTP server that you use to send messages must add a bunch of headers (DKIM, SPF, etc) to each message that you send in order to prove that the SMTP server has the authority to send emails from that domain. The receiving SMTP server can cross-check those headers with DNS records that it finds to verify the legitimacy of the email message.
So if you want to send emails with your domain cheaply, you can use Gmail's "Send Mail As" feature. I followed this help article to get mine working: https://support.google.com/domains/answer/9437157
Note: I unchecked the "Treat as an alias" option during the setup.
But wait... no additional DNS configuration required? I have my domain registered with Cloudflare, and there are no entries related to Google in there.
There is this step in the setup process:
But it seems that this only for Google to prevent you from using their servers to send spam. What is stopping Google from impersonating any email address they want? Why do receiving SMTP servers trust an email from "anyone#yourdomain.com" if Google's SMTP servers have no way of adding legitimate SPF/DKIM headers?
The short answer is that nothing prevents Google from doing this, and that DMARC was created for exactly this case.
There is nothing that stops Google from impersonating any domain. However, there are things receivers can (and should) do when they receive an email which isn't send from the server indicated in the From: field.
Try sending an email from the alias you just added to a different #gmail.com inbox. You will see that it says via gmail.com behind the sender email address. But other email receivers might do more: flag this message with red exclamation marks and scam warnings, throw it into spam or even deny receiving it completely. Gmail probably has some hardcoded trust, but try doing this from your own SMTP server and the above will very likely happen.
As you say in your question, you can authorize your emails by marking gmail.com as an authorized sender with SPF (which protects against forging from other domains, but doesn't stop Google), or even sign your emails with DKIM (not possible from Gmail UI, but you can do this in some email clients or send email with a custom Python script like me; Google can't do this without knowing the key).
However, that only solves one side of the problem – authorizing legitimate email messages. But what if an SMTP server still receives an unverified email? What if they have previously received an email from the same sender which was DKIM signed? What if DKIM passes, but SPF fails?
Because the behavior in that case is largely unspecified, and also the sender wants to check if their DKIM/SPF authorizations are actually working, and if anyone is attempting to spoof them, another standard was created: DMARC. It introduces another DNS TXT record where you can say what checks are required to pass, what to do if they fail, and also what basic analytics should the receivers report to the owner of the domain.
Of all webmail client providers, Google's Send mail as is actually the most well-implemented for a variety of reasons.
First of all, how it works is not different from when you set up POP3 or IMAP using a mail client like Outlook or Thunderbird. You have to specify the domain and port where you receive emails from, and the domain and port where you send emails from. For example, Google's incoming and outgoing servers for IMAP are as follows:
imap.gmail.com:993
smtp.gmail.com:465
The Send mail as feature is a partial implementation of that. It only implements the outgoing part.
How mail clients like Outlook and Thunderbird send emails, is basically that it sends the email to the outgoing mail server, and the outgoing mail server then sends the email. Usually, outgoing mail servers will require some sort of authentication, and will allow authenticated users to only send from specific email addresses.
Gmail works the same way. The outgoing mail server is the one that has to pass the SPF and DKIM tests, not Google's servers.
No other webmail clients do this. Hotmail used to do this, but they recently removed the feature. Now, the option is very difficult to find, and they just rewrite your FROM address and sends your email from Hotmail's SMTP server, which creates delivery problems.
They don't provide you with the option to send emails from another SMTP server, because this allows people to very easily set up virtual mail servers that can send emails under a domain of your choice, but use say a typical free Hotmail account to store incoming mails. This takes away business from their paid services, because both Hotmail and Gmail sell the option to host your company emails. I'm sure Google also knows about this, but it is really awesome of them to still keep the option available to free Gmail users.
If you want to learn more about virtual email servers, you can check out this article here: https://blog.terresquall.com/2022/01/setting-up-a-virtual-postfix-mail-server-part-1/
I am developing PHP application that, after sign-up, sends an activation mail to the registered email address using Amazon SES (Simple Email Service).
But SES is only sending emails to verified users.
How can I send the activation link to any non-verified email address, too?
While running in sandbox mode you can only send to verified users - once your account has been activated, you can send to anyone.
Getting out of the sandbox:
http://docs.aws.amazon.com/ses/latest/DeveloperGuide/request-production-access.html
By default you can only send to email addresses that have been verified in your SES account. As others have said, this is called "sandbox mode". This is to prevent spam.
To enable "production mode", where you can send emails to non-verified email addresses, you need to request this manually through a support ticket, which will also be examined manually by an AWS employee. This is all explained clearly in the same link that the top answer gave back in 2016 but I've also preserved the 7-step instructions (just in case the link changes or can't be opened for some reason):
In the account details modal, fill out the following account details.
For Enable production access, choose Yes or No. You can only move out of the sandbox by choosing Yes.
For Mail Type, choose the type of email that you plan to send. If more than one value applies, choose the option that applies to the
majority of the email that you plan to send.
For Website URL, enter the URL of your website. Providing this information helps us better understand the type of content that you
plan to send.
For Use case description, explain how you plan to use Amazon SES to send email. To help us process your request, you should answer the
following questions:
How do you plan to build or acquire your mailing list?
How do you plan to handle bounces and complaints?
How can recipients opt out of receiving email from you?
How did you choose the sending rate or sending quota that you specified in this request?
For Additional contact addresses, tell us where you want to receive communications about your account. This can be a
comma-separated list of up to 4 email addresses.
For Preferred contact language, choose whether you want to receive communications for this case in English or Japanese.
When you finish, choose Submit for review.
If you are successful, you will get an email from no-reply-aws#amazon.com saying:
Hello,
Thank you for submitting your request to increase your sending limits.
Your new sending quota is 50,000 messages per day. Your maximum send
rate is now 14 messages per second. We have also moved your account
out of the Amazon SES sandbox.
This takes effect immediately in the XXXX region. You can
view the current sending rate and sending quota for your account on
the Sending Statistics page of the Amazon SES console, or by using the
GetSendQuota API.
If unsuccessful, you will get an email saying the following:
Thank you for providing us with additional information about your
Amazon SES account in the Europe (London) region. We reviewed this
information, but we are still unable to grant your request.
We made this decision because we believe that your use case would
impact the deliverability of our service.
We cannot assist you further with this issue, and we will not respond
to additional messages on this subject.
The SES forum is full of frustrated people who got the second message (indicated an unsuccessful application to send emails to non-verified email addresses), but I can assure that that this morning I got the first message (indicating a successful application to exit the sandbox and enter production mode where I can send to non-verified email addresses).
The forums indicate that this can be very hit-or-miss, depending on which staff members reads your application (people have pointed out that they have had some accounts approved with barely any description, and other accounts not approved despite giving what they felt were sufficient details). Therefore I'd advise you to be thorough during this application.
These are the restrictions in SES sandbox :
You can only send mail to the Amazon SES mailbox simulator and to verified email addresses and domains.
You can only send mail from verified email addresses and domains.
You can send a maximum of 200 messages per 24-hour period.
Amazon SES can accept a maximum of one message from your account per second.
You have to move out of sandbox to send email to non-verified email address using AWS SES.
After you move out from sandbox mode, you need to handle complains and bounds about SES.
AWS asking us ,you are sending a mail to an unregistered mail adress.what if mail adress doesn't exist? .AWS needs notificate you about the sending status of mail which you sent.
There are three sending status : complaints,bounds(mandatory),deliver(optional)
So you can get a notification about the mail if it sent or not with the reason.
To handle complaints and bounds,you need to create SNS topics and need to relate them with the SES.now AWS can notificate you about the mail it is sent or failed or something else..
Here is the detailed description how to relate SNS and SES :
https://docs.aws.amazon.com/en_us/ses/latest/DeveloperGuide/configure-sns-notifications.html
NEW UPDATE:
You can now go to the SES account page and directly drop a request for production access.
https://ap-south-1.console.aws.amazon.com/ses/home#/account
I would like to parse inbound emails in a Node.js app hosted on Digital Ocean. I want to create an email address for my app's domain that can post to a webhook. How do I create an email address like name#example.com (or name#subdomain.example.com)? I am trying to avoid creating one through a third party because I just need to quickly parse the incoming content, and don't need all the functionality of regular email.
For parsing, I am using Mailin.io, and following Mailin's documentation I have changed my Domain records on Digital Ocean as follows:
MX 10 subdomain.example.com
A subdomain [ip address of my droplet]
I have the webhook set up at http://www.example.com/webhook, and if I post using curl, I get the expected response, but I can't figure out how to post to the webhook via email.
Am I going about this the right way?
I installed on a Google Compute Engine postfix as a MTA.
The Mails are sent via sendgrid.
Now any Mails (tests, errorlogs, cron...) to GMail are marked as Spam.
Sending the same mails from an normal server without sendgrid is no problem.
(I have many root-server and are just trying sendgrid)
Why does google think that every mail from sendgrid is spam?
try with this:
https://serverfault.com/questions/115161/fixing-my-mtas-poor-reputation
and Maybe your IP its reported in blacklist.
Try using other reserverved ip address in your instance.
https://developers.google.com/compute/docs/instances-and-network
For maximum deliverability, SPF and DKIM records need to be setup and properly configured in the DNS records for the domain you want to send mail from. Assuming you signed up for the [free tier of SendGrid][1], available to Google Compute Engine customers:
SPF: make sure the string include:sendgrid.net is present. The most basic setup would then be v=spf1 a mx include:sendgrid.net ~all, if all email for the domain is sent via Sendgrid this is enough. If you have more complex needs, use an SPF builder, such as Microsoft's.
DKIM: get it from the Google Apps account manager, under 'Settings for Gmail>Settings for Gmail'
After those two are in the DNS records for the domain in question, use the Port25 verifier to ensure all settings are correct. Of course, if you want to test whether mail from the server is properly setup for deliverability, send them email form the server. Same for email from Outlook, etc.
PS1: These instructions vary slightly if you are using a paid version of Sendgrid
PS2: All Google Compute Engine IPs are listed in Spamhaus PBL. Email should not come from these IPs directly (but if you have a specific reason to do so you can contact GCE Support - which is not free - and request that they add a reverse DNS record for you so you can start sending mail from this address directly).
I have my web app working in azure. What I would like is to be able to send emails from xxx#mydomain.com. Is that possible using SendGrid?
For example, if I use gmail's smtp, emails are sent from the email address specified in the NetworkCredentials user name, even if in the MailMessage I use a different email address.
If I use SendGrid instead, will emails come from the user name created by azure or will I be able to achieve this?
You will be able to send email from whatever address you want, just specify the correct from address (e.g. xxx#mydomain.com) when sending the email.
You will need to use what SendGrid calls "Whitelabels":
To access this page, log into https://app.sendgrid.com/ then click on Settings > Whitelabels > Domains:
SendGrid will then ask you to enter 3 CNAME records to prove that you own/ have authorised access to that domain.