• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Am I sending emails to myself via my Contact form incorrectly? SPF and DKIM settings?

fuzzybabybunny

fuzzybabybunny

Moderator<br>Digital & Video Cameras
Moderator
I have a contact form on my website.

The user puts in their message and email address (ex. tom@aol.com )

The message gets sent to Mandrill / MailChimp via their API and then Mandrill sends the email to me at my domain (ex. www.mysite.com, DKIM and SPF are all set up)

I receive the email and the sender is listed as tom@aol.com but via mandrillapp.com, not aol.com

I'm currently in the process of connecting my MandrillApp account to MailChimp. I get this message:

"Please verify all sending domains used for Mandrill and add SPF and DKIM records before clicking Confirm below. After connecting to a MailChimp account, any mail sent through Mandrill from a domain that isn't verified and configured with the required SPF and DKIM records will be rejected at the time of send. To confirm that all domains are verified, please go to the Sending Domains page in Mandrill before proceeding further."

Ummmm... well, "any mail sent through Mandrill from a domain (in my case, aol.com) that isn't verified and configured with the required SPF and DKIM records will be rejected at the time of send."

It's impossible to configure SPF and DKIM for the domains of people who use my contact form.

What do I do?
 
You can't setup SPF/DKIM for domains you don't control. Your form really shouldn't be sending e-mail from their e-mail addresses either.

The purpose of the form isn't so that a customer can write you an e-mail from their own address, the purpose of the form is so that the customer can leave you a message and your website will then send you an e-mail notification so you can deal with the customers message.

I would continue to do it as you are, but instead of sending the e-mail from customer@domain.com send it from alerts@website.com(where website.com matches your setup for SPF/DKIM) and set the reply-to address to be the customers actual e-mail address. This way when you get the email alert you can still send a reply message by just replying to the e-mail, but you're also not trying to send e-mails for domains you don't control.
 
Crusty said:
You can't setup SPF/DKIM for domains you don't control. Your form really shouldn't be sending e-mail from their e-mail addresses either.

The purpose of the form isn't so that a customer can write you an e-mail from their own address, the purpose of the form is so that the customer can leave you a message and your website will then send you an e-mail notification so you can deal with the customers message.

I would continue to do it as you are, but instead of sending the e-mail from customer@domain.com send it from alerts@website.com(where website.com matches your setup for SPF/DKIM) and set the reply-to address to be the customers actual e-mail address. This way when you get the email alert you can still send a reply message by just replying to the e-mail, but you're also not trying to send e-mails for domains you don't control.
Click to expand...

Awesome, thanks for giving me the proper pattern to use.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top