Hacker News .hnnew | past | comments | ask | show | jobs | submitlogin

Tangentially, I've been using my own domain with Gmail for years, but as of ~1y ago, it's been causing me problems. Emails sent from such custom addresses to my domain (which forwards back to my gmail) get a "This might be phishing" banner.

See, Gmail lets you configure it so that you can send emails as another address. This required a bit of verification via a DNS check, but trivial if you controlled your domain.

However, with the advent of SPF/DKIM/DMARC enforcing, this doesn't work well anymore. My main problem is that my domain is configured to forward select emails back to gmail. This breaks SPF, and I haven't yet found a way to fix this with Gmail.

I guess I need to wade through some SPF/DKIM/DMARC documentation. Google's own has not been useful.



Here are the records I am using with cloudflare. Ive never had an issue

@

v=spf1 a mx include:_spf.google.com include:_spf.mx.cloudflare.net ~all

_dmarc

v=DMARC1; p=none; rua=mailto:my@emai.com; aspf=r;

The way I have it set up is that cloudflare catches all my email and then routes it to my gmail account. My gmail then uses my email as a "send as" address. No DKIM record is needed because google is the one sending the emails with smtp, but dmarc and spf are needed either way.


> This breaks SPF

The way to do this forwarding would be to remail it in the same way that mailing lists do, rather than a SMTP forward.

The sender (SMTP envelope sender) gets rewritten, and so SPF is good. The From: header stays the same. SPF doesn't care about the From: header, only the SMTP envelope sender.


How do I do that in Gmail?


not possible in gmail. It'd have to be done on the intermediary forwarding server.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: