I would like to configure Heroku and Mailgun to send email from and allow me to receive webhooks (which are POSTs Mailgun sends notifying me of email sending statuses) at a [myapp.]herokuapp.com domain while buying as few additional things as possible. I don't want to buy another domain name, but it doesn't appear that I can avoid that. I'd like to avoid buying another SSL endpoint; it doesn't appear to be necessary and I don't need privacy. What do I need to buy?
The cheapest way to do what you want is to use a custom domain name, add it to Heroku, then verify your domain with mailgun.
You can add custom domains to your Heroku app by running: heroku domains:add www.mydomain.com
Once you've done this (and updated your DNS provider to point to yourapp.herokuapp.com, you can then modify your DNS records for Mailgun to verify your domain.
Once you have that working, you should be good!
Since you can't modify Heroku's DNS servers, you need to do it this way.
This is more a subquestion as the answer.
Just to send emails, I think you can
have Free plan and send to allowed (max 5) recipients,
have Concept plan and send to all recipients; you must enter credit card but you can limit count of messages to 10000/month which is free. For this you will need your domain, however, when you will use a subdomain like myheroku.example.com in TXT DNS-entries, then you can use such domain for any other goals (ie send from more servers, point to other IP or so).
Could somebody confirm this? or make it more clear...
Related
I need to setup a sender identity on sendgrip.com but before i create them, is say the ".gmail" extension is not recommended.
I learn is because the DMARC and i understand, but is say gmail, outlook, yahoo, aol and a lot other none write have a DMARC.
So my question what i need to use ?? Or best question what is the best extension in this case ?
(https://sendgrid.com/docs/ui/sending-email/dmarc/)
Thanks a lot for you help !
As stated in How DMARC Applies to a Sender Identity, email service providers like Sendgrid assume that you have your own registered domain such as raphaelr.com and that you have access to the DNS records for that domain.
You can then setup Domain Authentication by creating the appropriate CNAME DNS records:
https://sendgrid.com/docs/ui/account-and-settings/how-to-set-up-domain-authentication/
I am recently having trouble with delivering my mail to Hotmail servers, and I noticed that SendGrid SPF is not set up on my DNS. Currently, in my DNS settings, I have an SPF setup out, as my domain emails are sent by outlook.
I have a TXT record with the Name:example.com and Value: v=spf1 include:spf.protection.outlook.com -all
Now if I want to add a SendGrid SPF do I simply just add a new record:
Name: example.com
Value: v=spf1 a include:sendgrid.net -all
My DNS host is also Cloudflare
Or do I need to somehow combine these? Basically the issue I'm facing is the outlook is blocking my emails from its recipients and I am trying to add an SPF record to hopefully be authenticated.
You do need to combine them, like this:
v=spf1 include:spf.protection.outlook.com include:sendgrid.net -all
That said, your original record is a bit unusual record as it says that you only send through either outlook or sendgrid, so for example it means that a web server for your domain would not be able to send directly, and would also have to be configured to relay through those services too. If that's the way you want it, that's fine, but I thought I'd mention it. Similarly, it's common to include an mx mechanism in your SPF, as that says that anything that can receive mail for your domain can also send. To include both those options as well, it would change to this:
v=spf1 a mx include:spf.protection.outlook.com include:sendgrid.net -all
I did a lot of research through internet but I didn't found the solution. I'm trying to send a confirmation email using Mail::send() in laravel 5.1, I don't want to use any third party like mailgun or mandrill because they are not free sometimes limited of usage. The problem with this is all of the confirmation of the users is in their spam folder in gmail, and trash folder in outlook. Sometimes they didn't receive the confirmation. Why is that? Do you have any idea with this? My website is also registered to https so I don't think this is the problem.
.env
MAIL_DRIVER=smtp
MAIL_HOST=mail.mywebsite.com
MAIL_PORT=587
MAIL_USERNAME=email#mywebsite.com
MAIL_PASSWORD=mypassword
MAIL_ENCRYPTION=tls
Landing of an email into Spam is nothing to do with Laravel.
Either you have to change the TXT record of your domain.
You can check it on mail-tester which values need to be changed.
https://www.mail-tester.com/
You might wanna try testing at Mail Tester. This can reveal a lot of information on why your emails are ending up in spam. I also recommend checking SPF and DKIM checking at SPF & DKIM checking at the same site.
Also are you hosting your emails with your hosting provider or some other third-parties like GSuite or Microsoft Exchange? These providers can influence the mail quality and spam checking greatly.
The spam classification of emails is to the discretion of the receiving mail server. There are a couple of best pratices to follow, when trying to avoid being marked as spam:
Make sure the sending server (smtp server) is allowed through
SPF
DKIM
DMARC
MX records
Further, the recipient server may check for bulk content with decentralized solutions like razor, pyzor or DCC. So, try to personalize the messages and not send bulk content. Its hard to evaluate your situation without specifics. Another problem may be the sending webserver if its in or from a country with "bad reputation" (like Russia, China). Since mail server also check the Original-IP of the email and potentially flag them as well.
SPF:
https://mxtoolbox.com/SPFRecordGenerator.aspx
DKIM:
https://dkimcore.org/tools/keys.html
DMARC:
https://mxtoolbox.com/DMARCRecordGenerator.aspx
To check your settings, it helps to use mail testing solutions visualizing those mentioned factors as mentioned by other answers.
Current email deliverability professional here. If you are willing to share the domain you are sending from, and the IP address initiating the sends I'm happy to check for any obvious problems.
I also heartily recommend mail-tester.com as I use it almost daily. If you want to share the link to the report I'm happy to help interpret.
The other thing to be aware of is, that IP addresses have a sender reputation that is tracked in the Email ecosystem at large. If it's a new sending IP address it has to get warmed up. Just like you cannot get a credit card with no limit as soon as you turn 21, Inbox Providers like Gmail and Hotmail are not just going to deliver everything a new sending IP starts trying to deliver to their recipients. They will essentially do some A/B testing by delivering some to the Inbox and some to the Spam/Promotions folder, and see how their recipients interact with your mailings. Gmail and thus other inbox providers are primarily concerned with how recipients interact with your mailings. Do they open, do they click links, do they add you to safe senders, etc.
-LB
We've been using Mandrill for years to deploy our app's signup confirmation and password reset emails. This has worked perfectly as we've had SPF and DKIM records added to the DNS configuration according to Mandrill's documentation for verifying sending domains.
However, after merging the Mandrill account with a new Mailchimp account--which is mandated by April 27th--it's requiring me to send a verification email to an address at that domain. The problem is that we don't have a mail server set up to receive emails. The domain is only used to send the "noreply#domain.com" emails.
Any ideas on how I might resolve this? Mailchimp is not giving an option to undo the merge, so effectively I have an app that users are not able to sign up for at the moment, which is problematic to say the least.
You'll want to configure at least one mailbox on that domain somehow to receive mail. That's the only way to confirm ownership of the domain.
From what I've been reading the SPF can be used to validate email addresses by sending commands (rather than an actual email) such as HELO. I've managed to pick up a basic grasp of the policy but I can't get my head around how I'd go about solving the following problem:
I've got a number of email addresses attached to contacts in a CRM system and I'd like to find out if the email addresses are valid and still in use.
Currently we're using a REST Web Service (http://emailinspector.co.uk/) which returns "Ok" (if its ok... duh), "Bad" (if its not valid or not in use) or "Unknown". For Unknown, you are also provided some notes on why it came back with that, i.e. you are told if the Mailbox is full or if its a well known DEA.
I'd like to be able to program a script that can replicate this functionality and from what I've worked out it should use the Sender Policy Framework to do this? The problem is I don't know how I'd go about returning such precise information for "Unknown" email addresses.
Ideas and thoughts?
Actually SPF is just a text record, with some "hints" to let you know if an IP address or mail server is "allowed/Authorized" to send email for that domain. It doesn't tell you anything about an individual email address in that domain..
for example
[doon#qix:~] host -t txt labratsoftware.com
labratsoftware.com descriptive text "v=spf1 a -all"
The SPF record for one of my domains says that only the a record for the domain is authorized to send email for labratsoftware.com, and that if it doesn't come from that IP then it should be rejected (-all).
So the best you can do with SPF is tell that a received email came from an authorized host, and then use that information to help decide if you want to reject it or not.
The best way To test the validity of an email address you have, is to email it, and see if it bounces. You can use options like VERP (http://en.wikipedia.org/wiki/Variable_envelope_return_path) to automate the bounce handling. You can also try and connect to the MX records listed for the domain and try to deliver a message that way. Some Mail servers support verify (But most admins disable this to prevent information leakage). You can use RCPT TO to see if the server accepts it, but even if it does , you have no way of knowing if it will actually make it to their INBOX. My guess is that is what the API you are currently using is doing. And unknown are just ones that either don't answer, greylist, etc.