0

I want to send a mail from a website. The mail server from this domain is not publicly reachable, so I can't use that to send the mail.

The webserver that hosts the website has another email server that I can/have to use. But I want the FROM to be the website domain.

How can I set this up without my mails being marked as spam for claiming to be from the website domain when the mail server that sent it is not.

Not sure if I am clear. Maybe an example helps:

domain: a.com
domain mail server: a.com (e.g. mail@a.com - can't use that mail server for sending)
webserver mail server: mail.customer123.somehoster.com (can only use that server)

So I want to send a mail via the mail.customer123.somehoster.com mail server but the sender should appear to be mail@a.com. I understand that this looks like spam mail to most servers. What's the correct way to set this up?

So far I've read that a SPF record on the DNS is all I need. Is that correct? Is that the best practice? Can some help me with the correct entry?

Matthias
  • 101
  • 2
  • Does this answer your question? [Fighting Spam - What can I do as an: Email Administrator, Domain Owner, or User?](https://serverfault.com/questions/419407/fighting-spam-what-can-i-do-as-an-email-administrator-domain-owner-or-user) – Gerald Schneider Jan 04 '22 at 14:05
  • @GeraldSchneider It further confirms my believe that SPF is the right way. But the article is actually the other way round: "How to STOP people from using my domain to send spam?". I want to ENABLE specific people(=my other mail server) to send with my domain without using the corresponding/correct mail server and be as legit as possible while doing so. I'm just not sure if SPF is all I can/should do or if more steps are recommended and what the best configuration would be. – Matthias Jan 04 '22 at 15:33
  • I would guess that the correct TXT record for my scenario is `v=spf1 a mx -all` – Matthias Jan 04 '22 at 16:23
  • You need more than SPF. You need DKIM/DMARC, you need proper PTR DNS records, you need at least a working postmaster@ mailbox for your domain (and preferable abuse@ too). You'll also need a working mailbox for the email you are sending from as many servers just reject email from non-existing addresses. – AlexD Jan 05 '22 at 08:16

2 Answers2

0

Yes, SPF is one technology that you can use to improve chances that your email is not marked as spam.

In your case, you would install the following TXT record at domain a.com:

v=spf1 a:mail.customer123.somehoster.com -all

Then you could send mail from host mail.customer123.somehoster.com with sender address mail@a.com.

Note that SPF only authorises the envelope sender, ie the address given in the MAIL FROM SMTP command. This is not the same as the From header which is part of the message body.

glts
  • 681
  • 4
  • 14
0

Maybe you mix two things.

  1. MAIL FROM in the SMTP dialog. This should be the account/address you are allowed to use by the webserver on the mail.customer123.somehoster.com server
  2. From in the e-mail headers. This may be whatever you like, as you adhere to 1.)

When you combine 1) and 2) SPF may help, but this is not guaranteed.

If you try to use the main domain in MAIL FROM you are out of luck. At least my mail server will flag those mails as spam regardless of the SPF value.

The From-Header is what is shown to the recipient in their mail program. The MAIL FROM is what makes the delivery work and is normally hidden (but can be revealed, if one knows where to look) from the recipient.

mailq
  • 16,882
  • 2
  • 36
  • 66