1

I am trying to send emails through Sendgrid SMTP and unfortunately, all emails were landing to spam. Upon checking from mail-tester.com service, I got to know an error message that "You are not allowed to use one of your sender email addresses" with a minus 3 score which I believe is causing the emails to land in the spam folder.

Here's the report URL: https://www.mail-tester.com/web-7n29r&reloaded=2

Sendgrid support is worthless in this case and continuously pestering me to upgrade to a dedicated IP and pro account, while I have no understanding of their platform to make the upgrade.

I did white label all the sending domains and link tracking.

Please help

Naser Mohd Baig
  • 29
  • 8

1 Answers1

1

Your test is correct and by opening the explanation you whould have avoided asking this question.

[Sender ID] gunsafeslab.com does not allow your server 167.89.106.6 to use naser@gunsafeslab.com

Sender ID is like SPF, but it checks the FROM address, not the bounce address.

What we retained as your current SPF record is:

v=spf1 a mx include:websitewelcome.com include:sendgrid.net ~all

More information about this error:

gunsafeslab.com ... _spf.google.com: Maximum DNS-interactive terms limit (10) exceeded

In order to send mail from Sendgrid your SPF record should have include:sendgrid.net.

Now it has include:websitewelcome.com having include:spf.websitewelcome.com include:spf1.websitewelcome.com include:_spf.google.com having more includes inside them. This will cause more than 10 DNS queries and the SPF checker will stop. Whether the 167.89.106.6 eventually exists in one of these includes doesn't matter, because it won't get there.

One way to sanitize these superfluous queries would be querying TXT records of what have been included; try to avoid includes that are only doing more includes. Here's a little chart showing all the DNS queries caused by "v=spf1 a mx include:websitewelcome.com include:sendgrid.net ~all":

a mx include:websitewelcome.com include:sendgrid.net

All these causes a new DNS query:

  • Red label shows every include: only containing more include: methods.
  • Orange label shows include: methods also having actual ip4/ip6 methods (green).
  • Yellow label are other methods: a and mx needs to be queried separately, too.

Moreover, this has nothing to do with MX records as they are for receiving mail, not for sending. Also, your A and MX are eventually the same server, and could be replaced with single ip4:192.254.236.206.

If you only send mail from this one server and Sendgrid, your minimal SPF record would be:

"v=spf1 ip4:192.254.236.206 include:sendgrid.net ~all"`

That would cause only one extra DNS query. If you also send mail from Gmail, that'd be five with 

"v=spf1 ip4:192.254.236.206 include:sendgrid.net include:_spf.google.com ~all"

ip4:192.254.236.206 include:sendgrid.net include:_spf.google.com

Esa Jokinen
  • 43,252
  • 2
  • 75
  • 122
  • Hi Esa, I did open that explanation and I didn't understand a thing. I am not that technical. Thanks a lot for helping me. Can you please guide me how do I include the sendgrid.com in my SPF domain as well, please? Should I just replace websitewelcome.com with sendgrid.com or add a new line with sendgrid.com? – Naser Mohd Baig Oct 22 '17 at 06:10
  • I tried to explain this a little in my edit. – Esa Jokinen Oct 22 '17 at 06:13
  • I added a separate txt record with my naked domain in the name and balue as v=spf1 a mx include:sendgrid.net ~all Please let me know if this is correct – Naser Mohd Baig Oct 22 '17 at 06:19
  • Only one SPF record per hostname is allowed ([RFC 4408, 3.1.2](https://tools.ietf.org/html/rfc4408#section-3.1.2)). The [SPF Common mistakes](http://www.openspf.org/FAQ/Common_mistakes) page may help you in creating a suitable record. – Esa Jokinen Oct 22 '17 at 06:38
  • Thanks Esa. How do we remove the multiple includes include:spf.websitewelcome.com include:spf1.websitewelcome.com include:_spf.google.com you were talking in your previous comment. This is so confusing :( I sincerely apologize for the noob questions and really thank you for the assistance. – Naser Mohd Baig Oct 22 '17 at 14:55
  • Hope my edit clarifies the situation. – Esa Jokinen Oct 22 '17 at 16:32
  • Let us [continue this discussion in chat](http://chat.stackexchange.com/rooms/67488/discussion-between-naser-mohd-baig-and-esa-jokinen). – Naser Mohd Baig Oct 23 '17 at 05:09
  • Hi @EsaJokinen, could you please help me with another issue regarding my SPF record? Here are the details: https://serverfault.com/questions/891873/mail-tester-com-shows-wrong-server-ip-please-help-me-figure-out-what-am-i-doing – Naser Mohd Baig Jan 12 '18 at 15:21