I started using gmail to send through my personal domain and had been kind of perplexed by this myself. Nice to know it's possible to fix it (even if it's really convoluted just how many steps you have to take to configure everything correctly). You have to send through SMTP instead of through Gmail's servers (Though oddly enough, the SMTP server belongs to Google...), set up SPF and DKIM manually, etc etc.
EDIT:
Just found this, great way to create SPF DNS strings:
It actually explains all the syntax and lets you edit it easily. Much less confusing than trying to figure out what the hell the elements of the SPF string do by yourself and then waiting hours to see how verifiers parse it.
No, you actually do according to some other sources I looked up. If you don't set up your gmail to use alternate SMTP, the headers end up slightly different and your actual gmail account shows up in the headers.
By switching it to send via SMTP and then plugging in the SMTP details for my apps account, the gmail account was replaced in the headers by the apps account.
I don't know, I tested both ways myself and the headers were the same both times. To clarify, my account is an apps account, there's no plain-gmail account in my setup. I only have one account, the other domain is just an alias to it (so my SMTP settings of the account just pointed to itself).
OK, that is the confusing thing. I thought you were making your personal gmail account send through your apps account (since it owns the domain). I guess it was unclear because when you said 'Gmail' I thought you meant gmail.com gmail, not apps mail.
I got rid of the 'via' just using a free Gmail account.
(Google Apps used to have a nice wizard that walked you thru it, but they have recently stopped giving away Apps for free.)
My website was registered thru Godaddy for $3.17 (I had a coupon) and is hosted on an Amazon EC2 micro instance (free for a year), so the cost is hard to beat.
I could share the details if anyone was interested.
The settings on all three (Godaddy, Gmail, Amazon) have to be tweaked.
This is tangental, but while we're talking about SPF...
I've noticed lately that it's getting trickier for businesses to stay within the 10 DNS lookups per SPF record limit. For example, Google's official SPF record is _spf.google.com which in turn includes _netblocks.google.com, _netblocks2.google.com and _netblocks3.google.com. That's 4 DNS lookups. Use Salesforce? They include Google's SPF record in theirs. Use Zendesk? Their previously published SPF records are support.zendesk.com and smtp.zendesk.com. Both those record include mail.zendesk.com which includes _spf.zdsys.com which includes _netblocks.zdsys.com. The number of includes/DNS lookups is a growing problem as these businesses continue adding more IPs.
If you're allowing several external services to send email on your behalf, you might want to double check your SPF record to see how many DNS requests you're making.
Anyone have an idea for how to do this with regular gmail? I have a domain that I manage via outlook.com (it's free and Google Apps isn't anymore), and I managed to fabricate my own SPF record that authorizes both gmail and outlook senders, but I'm a bit stumped for the DKIM. Do I need to "generate" it from gmail or outlook, or both? And if so, where? Can't find the option anywhere. Maybe it's something exclusive for Google Apps?
23 comments
[ 4.5 ms ] story [ 66.6 ms ] threadhttp://help.mandrill.com/entries/21751322-What-are-SPF-and-D...
They do.
EDIT: Just found this, great way to create SPF DNS strings:
http://www.microsoft.com/mscorp/safety/content/technologies/...
It actually explains all the syntax and lets you edit it easily. Much less confusing than trying to figure out what the hell the elements of the SPF string do by yourself and then waiting hours to see how verifiers parse it.
By switching it to send via SMTP and then plugging in the SMTP details for my apps account, the gmail account was replaced in the headers by the apps account.
http://www.kitterman.com/spf/validate.html
(Google Apps used to have a nice wizard that walked you thru it, but they have recently stopped giving away Apps for free.)
My website was registered thru Godaddy for $3.17 (I had a coupon) and is hosted on an Amazon EC2 micro instance (free for a year), so the cost is hard to beat.
I could share the details if anyone was interested.
The settings on all three (Godaddy, Gmail, Amazon) have to be tweaked.
I've noticed lately that it's getting trickier for businesses to stay within the 10 DNS lookups per SPF record limit. For example, Google's official SPF record is _spf.google.com which in turn includes _netblocks.google.com, _netblocks2.google.com and _netblocks3.google.com. That's 4 DNS lookups. Use Salesforce? They include Google's SPF record in theirs. Use Zendesk? Their previously published SPF records are support.zendesk.com and smtp.zendesk.com. Both those record include mail.zendesk.com which includes _spf.zdsys.com which includes _netblocks.zdsys.com. The number of includes/DNS lookups is a growing problem as these businesses continue adding more IPs.
If you're allowing several external services to send email on your behalf, you might want to double check your SPF record to see how many DNS requests you're making.
EDIT: Apparently it takes a while to activate.