I've looked at similar questions and AWS documentation, but so far I don't know what the issue can be.
In my SES dashboard, I have two verified identities.
example#abc.com
xyz.com (uses easy DKIM and Custom Mail From). All DNS entries have been created.
Using my Laravel 9 application, I'm able to send emails using the verified email address, but using the domain, no errors are thrown, and no email gets delivered either.
Both scenarios use the same IAM user API keys and permissions.
The email I'm using to send from the domain is noreply#xyz.com which is not a real email. And the Custom Mail From I've specified is mail.xyz.com. As I mentioned, I can see all the DNS entries have been created for the domain.
Related
How to send service emails
from my backend with smtp.google.com or Gmail API while making sure
the secret stored on the backend server can only be used to send emails from a specific sender?
Goal
send user account activation emails from my backend
use smtp.google.com or Gmail API (i.e. no own SMTP server)
authenticate with OAuth2.0 (i.e. don't enable "less secure apps")
Current state
implemented the email sending part
for testing, I created a noreply#**.** Google Suite account
for testing, I generated an accessToken via OAuth2 Playground
using the accessToken I can send emails via smtp.googl.com
Problem
Google suggests to use a service account for this
But to send emails from no-reply#x.y I have to enable Domain-wide Delegation
Domain-wide delegation allows to impersonate every domain account
the secret stored on the backend should only allow to send mails from no-reply#**.**
Lets start with send user account activation emails from my server I am gong to assume that you have a web app. This web app allows users to register with your system. Now when a user registers with your system you want to automatically send them an account creation email. Your idea is to use Google rather than setting up your own smtp server and sending these emails from your own system. Not a bad idea really.
Lets think about this for a minute the emails would need to be sent automatically so you need some kind of service sending them. To do that you want to use a service account. Again this is a great idea using a pre authorized service account that you will not need to have a user to authorize the app.
The only issue is that service accounts do not work with normal gmail accounts. To use a service account with Gmail api you need to use a google workspace domain account. The workspace domain admin would then be able to add permissions to the service account letting it act like a user on the domain. In this case your idea of no-reply.
So your workspace domain account would have a user called no-reply. The domain admin would then configure domain wide delegation to the service account allowing it to pretend that it is the user called no-reply. For all intents and purposes the service account is the no-reply user. It will be able to send mails as if they are coming from that user.
For all this to work you will need the workspace account with that user.
Have a look at the following link, it's actually one of Google's better examples it shows how to set up the delegation.
Perform Google Workspace Domain-Wide Delegation of Authority
Here you create a service account with credentials, allow this account to impersonate other users (e.g. the no-reply user), to only use the Gmail API and to only use it to send emails.
the documentation is a bit outdated, you can skip the step Grant users access to this service account and create the service account key afterwards via the service account edit function: Manage keys
in the step Domain wide delegation you need Google Admin not the Google Cloud Platform Admin Console as in the previous step
Just remember to swap out the lines about
https://www.googleapis.com/auth/admin.directory.user,
https://www.googleapis.com/auth/admin.directory.group
and use
https://www.googleapis.com/auth/gmail.send
instead as you want to access the Gmail API and only allow the service account to send (not read) emails
tip
in the sample code in that link
.setServiceAccountUser(userEmail)
userEmail is the email address of the user you want to impersonate in this case no-reply#x.y
So I guess what I am saying is that what you want to do is definitely possible, however, it may be easier just to set up your own SMTP server.
So I was wondering, how would I send my email from another email address in Laravel. Currently I have this email address and domain. This is an example. Sender = test#domain.com
Now I have many auth()
users. I want to be able for them to send emails as well. So how would I do that? So for an example: Test#anotherdomain.com
My point is, currently the admin guard is able to send an email to the owner of the post who is user(). I have multi auth so admin is one guard and the other is the default.
So the admin is able to send email to test#domain.com
So how can I do it so that test#anotherdomain.com can send an email back to test#domain.com
Is this even possible?
Note: I am using mailgun.
You have two option in this situation:
1) use email clients independently like Phpmailer or Swiftmailer
2) change the config file and email credentials on the fly(make sure your config isn't cached)
Accessing Configuration Values
I am using SparkPost to handle all my email. I already have verified the domain and everything but recently I transferred my domain to another hosting site do I need to verify the domain there?Thanks in advance
I have a Heroku account and am using the Mailgun add-on. I have verified my domain, however, I need to activate the Mailgun account via email confirmation. The email account which is supposed to have received the email is at app[numbers]#heroku.com. I am not aware of how I might access that email. There is a link to resend email or update email address, however the update form instructs me to change setting in Heroku's dashboard, where I see no reference to that address. I am sure I am missing something simple, but am at a loss.
I have a client that keeps getting the customer service reply to emails in his mail box when they should be going to the customer service email. I've searched everywhere for record of his email and it is nowhere. I am guessing now that because the customer service emails are of a different domain the replies are getting marked as spam and being sent to the server admin account instead. I have downloaded this extension: http://www.magentocommerce.com/magento-connect/ASchroder/extension/1865/aschroder.com-smtp-pro. Would a different domain email be SMTP? Advice appreciated.
We had this problem with a few of our recipients as well.
Mainly Comcast users and Century Link to name a few. What the problem is, is that you are sending from (for example) www-data#thisdomain (this will be the machines domain name ie. www-data#WebServer01) -- in the header, regardless of who is in the FROM field. Your actual domain in the FROM field is customer_service#yourstoredomain.com. You will need to do one of two things.
If you host the Magento install on your own operating system and you have control of it, you'll need to change the machines hostname to match that of your web domain name. ie yourwebsite.com.
If that isn't an option, then you will need to use a Magento plugin like the one you mentioned, and have it log in via SMTP to your email service provider (We use Office365) and send the email from a "real" email address that you have created.
The reason this fails is due to the SPF record on the providers (ie Comcast CenturyLink) not allowing emails from a domain that is other than that which is specified in the header. This is usually to prevent spam etc to their customers. So companies like these simply block or, in some cases, redirect that email back to the user at the originating FROM domain.
If at all possible, the easiest route is going to be to try to change the domain in the header of the email. Hopefully you manage your own operating system so you have control over this. IF not, try to see if your hosting provider will provide you access to a "jailed" area so that you can change said settings. The SMTP route is NO FUN ...