I use Mailgun for sending mails in my multi-tenant application. Each tenant is using different (sub)domain in mailgun to send mails around. For example:
Tenant 1 - tenant1.example.com
Tenant 2 - tenant2.example.com
...
I would like to be able to create tenants automatically (without my involvement). Mailgun provides API for creating domains programatically. The problem is that some DNS entries need to be added to make full use of Mailgun features. My current DNS provider does not provide API for automatically adding those entries.
I noticed, that if I add single SPF record with name *.example.com then mailgun is fine with this and does not ask me to add SPF record separately for each subdomain.
Is it possible to do the same with DKIM? If not, what are the alternatives?
Related
The Domain Authentication process requires creating three cname DNS records. Something like:
em1234.example.com
s1._domainkey.example.com
s1._domainkey.example.com
Our website domain is moving to another Azure directory, and so I have to set up a new SendGrid account. The previous account already has those records setup. The number in the first record is different, but the last two are the same. In order to verify the domain in the new account, I have to set them up again, and the values will change. If I set up the new values, will the old account still be able to send email? The new site is not yet launching, but I'd like to have it all set up and tested beforehand.
My understanding is that the CNAME records that you set up through domain authentication allow for SendGrid to handle and keep up to date the requirements for SPF and DKIM. So, if you were to create a new SendGrid account and change the s1._domainkey.example.com record for your domain to the settings for the new account, then your emails from your old account might start being rejected or failing SPF and DKIM checks.
You might consider setting up your emails under a subdomain while you move between accounts to avoid messing with the main domain's DNS records. Or you could move your existing mails to be sent out over a subdomain and then set up the main domain on your new account.
For more in depth support with this, I recommend checking with SendGrid support.
I just learned from SendGrid support that you can set up CNAME records with a different prefix than s1 and s2 by choosing a custom DKIM selector: https://docs.sendgrid.com/ui/account-and-settings/how-to-set-up-domain-authentication#using-a-custom-dkim-selector
I have a problem setting up GSuite gmail. I can send out emails to other accounts; however, I cannot receive any emails from outside. My admin page says
Setting up email is taking longer than expected
We were unable to set up email, or your domain host is taking longer than expected to update your information.
My domain is registered with Namecheap. But it is served from Amazon S3. And the "https" certificate is verified and served through CloudFront. When setting up "MX Records" for Gsuite gmail, I set up in Namecheap. But it has been more than 72 hours, and Gsuite is still not picking up. In my situation, do I have to set up "MX Records" through Route53 because it is being hosted in Amazon S3?
You can setup MX records however if your domain is still not verified with G Suite you will not be able to use emails or any other service. Make sure to:
Your domain has been verified Verify your domain for G Suite.
MX Records are setup properly G Suite MX record values
If you domain is verified make sure that all apps on Admin Console > Apps > G Suite are enabled.
Also as recommendation set up SPF, DKIM and DMARC to authenticate email.
If you are still not able to receive emails I would suggest to contact G Suite Support. Also make sure where your Domain NS servers are pointing to, there is where you have to update the DNS.
It's not really an issue with Google, every domain's MX records are public, you can easily inspect your domain and verify if the MX records are already setup to Google, check https://mxtoolbox.com/ and make sure that the MX records are already ASPMX.L.GOOGLE.COM, if it's not, then make sure that the MX is updated in your NameServers (not necesarily your domain provider), same online tools can easily tell you which is your active NameServers (Google NS lookup tools).
This getstream link says for verification of our webhook there are two ways.
In Verification via DNS,
were do I have to place the "_getstream" TXT record?
This would go in the domain record of your preferred domain name where you host your webhook. For example, if we would connect to your-awesome-webhook-service.com as the hostname, then you would add the TXT record as an extra record with your A records, CNAME records, etc. at name.com or wherever you control your DNS entries for that domain.
I am trying to use phplist in a different server than the domain that I want to use it as a sender. Is is possible?
To clarify my question:
my phplist is installed in example.com
The domain that I want to use as sender is example1.com (in another
ip than phplist)
I would need some help on how I have to set up my dns settings in both servers.
(In phplist settings I use smtp credentials of info#example1.com)
Please let me know if I need to clarify something better.
It's perfectly acceptable for a domain to be associated with more than one server in various ways. You don't have to do anything special to send from a different domain, but it would be a very good idea to add the IPs to the SPF record for the domain you're sending from. For outbound you don't have to do anything in DNS - to deal with bounces you can use a return path in your sender domain rather than the from domain.
Hi you have ask a good question about adding a new domain to the phplist.
If you need to set up a new from emails using the domain example1.com, go to campaign setting, and add the new from email address in your case whatever#example1.com.
Also you need to add an spf record to the dns area of example1.com, to allows your IP addresses to send emails from domain example1.com.
you can use spf wizard to generate the spf reccord https://www.spfwizard.net/
wish that all you need.
I am having some difficulty setting up my SendGrid account to connect to my DNS on Cloudflare and enable custom domain whitelisting for two domains.
My plan is to deploy emails from my Clickfunnels' Actionetics account. Currently, my integration into Clickfunnels is a success and I was able to receive an automated test e-mail (from my custom domain) to my personal email address. I understand that I should be able to send emails from any e-mail address I need (support#domain.com, hamid#domain.com, info#domain.com) without needing to physically needing to go through any setup process to get these emails up and running. Initially when I went through the SendGrid setup, I needed to add 3 CNAMES to my Cloudflare DNS. Everything successfully installed without any issues from Cloudflare. After speaking with Support, I was told that I might need to retry the whitelabel wizard with automatic security off. Going through this wizard should give 2 txt's and one MX (mail exchanger) record instead of 3 CNAMES.
"Automating security allows the system to redirect ISPs to SendGrid to check DNS records that follow strict security protocols and are custom to your account. Due to a character limit on TXT records, we are only able to create a custom SPF (sender policy framework) record for users with up to 11 IP addresses. This will not affect deliverability. You would have to go through the whitelabel process again."
If you have experience in this type of issue, please let me know what you think.
This is one method the I recommended.
“white-label the domains again but this time completing it with automatic security turned off. Going through this wizard should give 2 txt's and one MX record instead of 3 CNAMES.”
"Automating security allows the system to redirect ISPs to SendGrid to check DNS records that follow strict security protocols and are custom to your account.
Due to a character limit on TXT records, we are only able to create a custom SPF record for users with up to 11 IP addresses. This will not affect deliverability. You would have to go through the white-label process again."
Thanks, I hope you can resolve this.
I can't understand your question.
SPF is kind of TXT record, it can help receiver know email comes from right ip address.
Whitelabeled Domains help receiver know email really comes from the right server.
Sendgrid need a subdomain and two well-know subdomain to verify your identity.