I switched to use Mailgun from Sendgrid for email sending, we have several domains which would like to send email via Mailgun, to verify a domain, it requires for lot of DNS configuration like TXT, CNAME, MX... while with Sendgrid, it just asks me for 3 CNAME.
I'm not sure why Mailgun requires to configure much DNS information like that, does it take any advantages over SendGrid with just CNAME, if not, I think they should investigate and apply the Sendgrid way.
To clarify the use of each type of record for such mail service, For sending an email all you need to do is verify that you own the domain from which you are sending the email, they way these companies verifies the domain is by checking the DNS entry for either a CNAME or TXT record. Ideally post this verification you should be able to send email from either of the service.
The requirement of adding the additional records in the DNS zone are for use cases like -
TXT records - DKIM and SPF records, Adding these records ensures that your emails doesn't go to spam as the other email service providers verify if its a valid email from a valid sender using DKIM and SPF records. So you need to add the DKIM and SPF records.
CNAME record - Now a days everyone wants to track the email activities done by the users on the email sent to them. Activities like email opens, link clicks etc. These can be done by the email service providers but the urls of the links are converted to the email providers domain urls for tracking. If we want to have our own domain name for all links in the email including the tracking links, thats where a CNAME record for a subdomain is mapped to email providers domain and than that subdomain is used for all links.
MX record - This is required in case you want to receive emails via the email provider of your choice. If you are already using some other email provider for receiving the emails on your domain, you don't need to set up this.
Related
If I add a default DKIM key (default._domainkey....) for a domain, could that interfere with email sent on behalf of that domain from 3rd part mailing services such as Google and Outlook?
To give context and clarify what I'm asking, I host multiple different websites in WHM/cPanel hosting. Many of these websites have contact forms that use PHPMailer on the local web server to send emails from the websites. I was going through all the accounts adding the default DKIM records to improve email deliverabity for these emails sent from the websites. Then I noticed this message in cPanel: "If you send email from another server, you must use this server’s DKIM key on the remote server." Many of these domains use a third party service for email. So that got me wondering if adding the default domain key could cause DKIM to fail when email is sent from those 3rd party services.
I realise that a different (from the default) DKIM key can optionally be added for such services (e.g. google._domainkey....) but if these 3rd party DKIM keys are not added to the DNS records for the domain, then what I'm wondering is if the default DKIM key comes into play for emails sent from those 3rd party services. And if it does come into play, then I guess it would cause a DKIM fail?
DKIM verifies the sender and the integrity of a message. In addition, it allows an email system to prove that spammers did not alter an incoming message while in transit. DKIM also verifies that the messages your domains receive come from the specified domain.
DKIM are important for ensuring that your domain is not delivered to your recipients spam folders or even outright rejected. Mostly hosting providers enables these by default for all cPanel accounts. Third-party DNS providers may require you to add these records manually.
So, answering your question is yes having wrong DKIM record will be a problem. You should add your 3rd party DKIM record in your cpanel.
However missing/ not having DKIM is different scenario as it shouldn't be a problem. Having the DKIM key on your messages is a 'advantage' as to indicate the spam filters and other mail servers that these messages are valid messages. But, not having the DKIM key would not be considered a 'Fail'.
I am interested in purchasing a domain, say mydomain.net
My application, whose url I want to be mydomain.net, would send transactional email for authenticating new users. For this purpose I decided to choose Sendinblue.
I want the sender of my transactional emails be noreply#mydomain.net,
thus I will add a new domain at sendinblue and call it mydomain.net. Then I will add a new sender at Sendinblue and call it noreply#mydomain.net
Am I expected to add a MX record at my hosting provider (and also name registrar) to set the mail delivery destination towards Sendinblue?
The MX records are used to receive mails only. Since you will be sending from Sendinblue and you will not receive answers to noreply#mydomain.net you do not need to create MX record for this.
I've a small SaaS where each client gets a subdomain (stackexchange.my-saas.com)
I've a mailgun account where my main domain is setup and I've created a wildcard SPF record in my DNS and if I add additional domains to my mailgun account with a subdomain, they all verifies correctly.
My question is, do I need to add every new clients subdomain as a new domain in mailgun when I have the wildcard SPF record set or can i "legally" just create a from-address for each new client so the header of the emails will be from: Stack Exchange On My SaaS<noreply#stackexchange.my-saas.com>
Sending:
For sending, there is no need. As you point out, you can have the SPF records set so your email can be sent From: whatever subdomain. Note however that Mailgun will add a Sender: header with your Mailgun registered address if your specified From: address has a different domain.
From: Stack Exchange On My SaaS <noreply#stackexchange.my-saas.com>
Sender: noreply=stackexchange.my-saas.com#my-saas.com
Receiving:
For receiving emails, it's a different story. This is a Mailgun limitation and has been answered in this other question.
Basically, Mailgun uses the same MX servers for everybody, so when they get an email they need to look up to which customer the email belongs to, much like any regular multi-host mail server.
(UPDATE) They allow to register wildcard subdomains, combined with a wildcard MX, it might just work for every subdomain. Note however that because of how DNS works, there is no standard way to define BOTH a wildcard MX and a wildcard CNAME in the same domain. CloudFlare is currently supporting this but it will fail for most other DNS providers.
Alternatively, for receiving emails in your SaaS, you have to register each of your subdomains with Mailgun independently (possible through their API). Note that this also implies verifying the domains adding TXT records for each one on your DNS.
Let's start with understanding how email works. Receiver of the email checks for the dns records of sending domain for example your primary domain is yourdomain.com and email is sent from yourdomain.com will work since you have record created under this already when your email is sent from saas.yourdomain.com then DNS record for saas.yourdomain.com should exist or else it will fail to deliver to inbox. Mailgun asks to verify to make sure it is delivered to inbox and receiver makes sure by checking DNS that it is coming from authentic person by looking up at the DNS.
So the answer is as long as your sending domain is same then you will not create it but if your sending domain is different then you will have to create
Hope this answers your question.
I installed on a Google Compute Engine postfix as a MTA.
The Mails are sent via sendgrid.
Now any Mails (tests, errorlogs, cron...) to GMail are marked as Spam.
Sending the same mails from an normal server without sendgrid is no problem.
(I have many root-server and are just trying sendgrid)
Why does google think that every mail from sendgrid is spam?
try with this:
https://serverfault.com/questions/115161/fixing-my-mtas-poor-reputation
and Maybe your IP its reported in blacklist.
Try using other reserverved ip address in your instance.
https://developers.google.com/compute/docs/instances-and-network
For maximum deliverability, SPF and DKIM records need to be setup and properly configured in the DNS records for the domain you want to send mail from. Assuming you signed up for the [free tier of SendGrid][1], available to Google Compute Engine customers:
SPF: make sure the string include:sendgrid.net is present. The most basic setup would then be v=spf1 a mx include:sendgrid.net ~all, if all email for the domain is sent via Sendgrid this is enough. If you have more complex needs, use an SPF builder, such as Microsoft's.
DKIM: get it from the Google Apps account manager, under 'Settings for Gmail>Settings for Gmail'
After those two are in the DNS records for the domain in question, use the Port25 verifier to ensure all settings are correct. Of course, if you want to test whether mail from the server is properly setup for deliverability, send them email form the server. Same for email from Outlook, etc.
PS1: These instructions vary slightly if you are using a paid version of Sendgrid
PS2: All Google Compute Engine IPs are listed in Spamhaus PBL. Email should not come from these IPs directly (but if you have a specific reason to do so you can contact GCE Support - which is not free - and request that they add a reverse DNS record for you so you can start sending mail from this address directly).
I have a domain hosted at Dreamhost -- foobar.com. It has Google Apps associated with it: the 50 free email accounts which are no longer available for a new domain. I just got another domain -- foobar.edu. I want foobar.edu to become my main domain, but I still want to use the free Google Apps associated with foobar.com to handle incoming mail.
My question: Can I adjust the MX records of foobar.edu so that incoming messages to anyone#foobar.edu will be redirected to anyone#foobar.com and then be handled by my Google Apps?
I can adjust the DNS for both foobar domains, but I don't think that I can ask Google's foobar.com account to also handle foobar.edu emails directly.
if you need just catch email on domain and forward to you other mailbox, you can use http://improvmx.com/ just by adding MX records to your domain
No. You can use MX records to direct mail destined for anyone#foobar.edu to any mail server you want, but when the mail is presented to the chosen mail server, it will still be destined to anyone#foobar.edu.
In other words, email forwarding can't be controlled using MX records.
It's the receiving mail server's job to re-send an email to a "forwarding" address.
As Celada saw, with DNS you can't.
You can do that with Google Apps Default Routing: https://support.google.com/a/answer/2368153?hl=en
As suggested in this question, you'd need to point your MX records to a service that supports mail redirection
It can be only done with advanced DNS routing and it is not freely available, It would be more easier if ou have had Google Apps for business. There is only one company who can allow you to manage Email DNS routing and that is ZOHO. The implementation would be a bit complicated, but possible.
Register account for foobar.edu in Zoho, Verify domain then change MX record. Manage it's Email Routing Options and Manage redirection to different accounts.
Check some of Screenshots i have tested on and it worked. Also check zoho dns email routing guide.
https://www.zoho.com/mail/help/adminconsole/email-routing.html
I hope this will help you!