We do not want to expose this subdomain to our users. Mailgun recommends the usage of subdomains when sending mails. The idea would be to force the sender headers in discourse. According to our test, it seems to work well.
I’ve been working with all our email systems, both internal and external, and also SPF, DKIM and DMARC setups -
For many of our providers, we are allowed to send through mailgun, as mg.example.com subdomain, but the sender and from fields are set to match @example.com - so there is no “on behalf of” issue.
For dmarc alignment, the really important parameter is the “d=” field when signing the email with dkim. If this is d=example.com, then everything is aligned because the @example.com is matching the top level sender domain (ie, outdomain.com) - so the mechanisms “SPF dmarc alignment” and “DKIM dmarc alignment” both show as “pass”. When eveything shows as pass, the email is accepted as valid.
So, we have a couple issues here. Can we set the “sender” and “from” fields?
Do you properly assign the domain in the “d=” when dkim signing the email?
In your settings, you can setup the domain to point to whatever domain you want.
My site is hosted on board.example.com and the emails come from example.com
here it’s not related to the website url but to the SMTP Domain vs Sender domain.
Our smtp is mg.something.com whereas our sender domain is something.com.
My mailgun is setup as mg.example as well. Still uses example.com as the protocol. edit maybe I’m just not understanding what you’re trying to imply.
Apologies.
c0ry, it seems we are not able to set the “sender” and “from” (and the “return path”) fields to be the same. If they are not the same, you can get emails that say “sent on behalf of”. Then risk of spam classification is higher.