0

Scenario: I have a customer A, who authorizes me / my software to send email on their behalf to their customers P, Q, etc.

Additionally, P, Q, etc. should see the email as coming from a.example.com.

And finally, A should be able to see the email I sent on their behalf (e.g. in a 'sent items' folder), receive replies and delivery failures from P, Q, etc., and things like that.

The obvious solution is to directly deliver the emails to A's SMTP server using the From address of a mailbox managed via that server. Authentication is required, of course, to prove "I am [allowed to send email on behalf of] someone@a.example.com." (One disadvantage is the various authentication options that I would need to support, because of course I would also want to support this for my other customers B, C, etc.)

Another solution would be to host a mailbox myself for customer A, and give the customer access to that in some way. (That would open up another can of worms, obviously, since I don't want to be in the mailbox-hosting business.)

My question: Is there perhaps some other solution direction I am missing?

For example, can I tell 'my' SMTP server to send to whoever@p.example.net 'via' A's SMTP server / From someone@a.example.com? What kind of SMTP headers would be needed, what configuration would be needed on 'my' SMTP server, and on A's SMTP server? What kind of authentication would be needed, or would having a 'verified email address' (whatever that means exactly) be sufficient?

(Note that 'my' SMTP server is fully under my control. But A's SMTP server might be hosted so A might not have full control of its configuration.)

MarnixKlooster ReinstateMonica
  • 271
  • 2
  • 4
  • 9
  • I find it difficult to find a good title for this question. Suggestions welcome! Related question: https://serverfault.com/q/141322/54650 – MarnixKlooster ReinstateMonica Oct 21 '22 at 07:26
  • 2
    In your questions please refrain from using random domain names and use either your *own domain* or one of the [RFC 6761](https://tools.ietf.org/html/rfc6761#section-6.5) reserved domain names such as `example.com`, `example.org` or similar . Please refer to [this Q&A](http://meta.serverfault.com/q/963/37681) for our recommendations with regards to how and what (not) to obfuscate in your questions. – diya Oct 21 '22 at 09:15
  • 1
    As far as I know your requirement that messages you (your application/service) send on behalf of your customer also end up in their "Sent" items folder necessitates that you get full access to their mailbox. When you're granted that privilege I would also use their mailbox credentials for sending your messages. That shifts the responsibility for delivery completely to your customers (existing) e-mail infrastructure. – diya Oct 21 '22 at 09:33

2 Answers2

0

Sending via the customer's SMTP service is the only sane and simple way to do this. Otherwise how do you handle DMARC? DKIM? BIMI? Blacklisting? SPF? RMX?....

kubanczyk
  • 13,812
  • 5
  • 41
  • 55
symcbean
  • 21,009
  • 1
  • 31
  • 52
0

I have the same needs.

I have an outsourced partner who sends e-mails to my customers.

I want him to send e-mails emails as my company brand to thousands of my customers as if I send myself the emails. This is not a mass mailing as the customers change and the content of the email is unique to each customer.

I don't want to grant him access to my Exchange mailbox.

Have you found any solution ?

Thanks.

Maurice
  • 1
  • This does not really answer the question. If you have a different question, you can ask it by clicking [Ask Question](https://serverfault.com/questions/ask). To get notified when this question gets new answers, you can [follow this question](https://meta.stackexchange.com/q/345661). Once you have enough [reputation](https://serverfault.com/help/whats-reputation), you can also [add a bounty](https://serverfault.com/help/privileges/set-bounties) to draw more attention to this question. - [From Review](/review/late-answers/551039) – stormdrain May 15 '23 at 16:50