We do not want to expose this subdomain to our users. Mailgun recommends the usage of subdomains when sending mails. The idea would be to force the sender headers in discourse. According to our test, it seems to work well.
I’ve been working with all our email systems, both internal and external, and also SPF, DKIM and DMARC setups -
For many of our providers, we are allowed to send through mailgun, as mg.example.com subdomain, but the sender and from fields are set to match @example.com - so there is no “on behalf of” issue.
For dmarc alignment, the really important parameter is the “d=” field when signing the email with dkim. If this is d=example.com, then everything is aligned because the @example.com is matching the top level sender domain (ie, outdomain.com) - so the mechanisms “SPF dmarc alignment” and “DKIM dmarc alignment” both show as “pass”. When eveything shows as pass, the email is accepted as valid.
So, we have a couple issues here. Can we set the “sender” and “from” fields?
Do you properly assign the domain in the “d=” when dkim signing the email?
In your settings, you can setup the domain to point to whatever domain you want.
My site is hosted on board.example.com and the emails come from example.com
here it’s not related to the website url but to the SMTP Domain vs Sender domain.
Our smtp is mg.something.com whereas our sender domain is something.com.
My mailgun is setup as mg.example as well. Still uses example.com as the protocol. edit maybe I’m just not understanding what you’re trying to imply.
Apologies.
c0ry, it seems we are not able to set the “sender” and “from” (and the “return path”) fields to be the same. If they are not the same, you can get emails that say “sent on behalf of”. Then risk of spam classification is higher.
I have been fighting with integrating outgoing emails to office365.
There are a few threads which discuss email issues.
For info:
By default Office365 will give a 554 error if the sender is not the same as the login (and discourse’s logs are not great).
The sender addr can be set as discussed elsewhere using
rails r “SiteSetting.notification_email = ‘discourse@yoursite.com’”
But I think this only sets the initial email sent.
Note, my forum URL is NOT related to my email domain…
For me, I had to set the following in (gui) settings:
1/ notification email
2/ site contact username - this means you MUST have a user who has the email you wish to send from (i.e. the email you login to smtp with).
Basically, ALL emails sent from discourse MUST have from set to the same email as the SMTP login to use a ‘normal’ office365 smtp connection. I hope the above achieves this, but it would be a ‘nice to have’ to be able to hard-set the email from field for every email, guaranteed.