7

We have a website where we allow you to reset your password (say if you forget your password). This is standard on many websites. Basically you enter your email address which you've used to register on our website, then we send you an email containing an email reset link.

This is all standard stuff. However, the problem is: Gmail somehow thinks this email we send to the user is spam, and puts it in the Spam folder.

The specific message Gmail shows is:

Be careful with this message. Our systems couldn't verify that this message
was really sent by xyz.com.  You might want to avoid clicking links or replying
with personal information.

Let me explain how we send the email. We use the company sendgrid.com to deliver the emails. xyz.com is a domain we control. (xyz is a pseudo-name here.) The email's from address is: do-not-reply@xyz.com

We have changed xyz.com's SPF record to include "sendgrid.com" (and "sendgrid.net" "sendgrid.me").

There's no website associated with xyz.com, however.

My question is: what else can we do to make Gmail believe the email is from the domain xyz.com? So it doesn't put the email in the spam folder?

Thank you.

Zack Xu
  • 11,505
  • 9
  • 70
  • 78
  • You might need to look in to Domain Keys http://sendgrid.com/docs/Apps/domain_keys.html – Jason Sperske Nov 07 '13 at 17:17
  • Could you post the mail headers from a test message sent to a gmail account (drop down arrow next to reply -> show original), in particular the "Authentication-Results" header is useful. – Hayden Ball Dec 03 '14 at 23:16

1 Answers1

2

Did you end up publishing DKIM with Sendgrid? Also, I have a feeling your SPF record isn't quite right as generally there's one official entry per email provider. You mention adding several. I'd recommend looking at their docs for exactly what they recommend publishing in your SPF. Do this for any provider you use for any kind of email.

Since you mentioned Sendgrid as your ESP, here are Sendgrid's instructions. Once you've done the DNS you have to ask Sendgrid to "sign" it. Since DKIM uses cryptography you'll need them to do their side.

DKIM's less complicated than it sounds. The DNS records you have to add will take a few minutes then presumably open a ticket to Sendgrid to have them do their side.

Also, as an aside, could you post what you have for your SPF record here? I don't mean your domain but what the value is? It's not directly causing the problem but it's a key component of email authentication.

Once you've completed SPF and DKIM, it is critical you validate them both. Do a search for SPF validates and DKIM validator to find online tools.

Neil Anuskiewicz
  • 478
  • 2
  • 12
  • Links to external resources are encouraged, but please add context around the link so your fellow users will have some idea what it is and why it’s there. Always quote the most relevant part of an important link, in case the target site is unreachable or goes permanently offline. – Vince Bowdren Aug 18 '16 at 15:09
  • The OP mentioned he used Sendgrid so I went and found Sendgrid's DKIM documentation. I'll make that more explicit next time. Thank you. – Neil Anuskiewicz Aug 18 '16 at 16:29
  • PS I mean to put in a link to the help guide [How to Answer](http://stackoverflow.com/help/how-to-answer), which is where that advice was copied from. – Vince Bowdren Aug 18 '16 at 16:31
  • @VinceBowdren - Thank you. I'm pretty new to Stackoverflow so a document on how to answer questions is timed perfectly. I'll read it now. – Neil Anuskiewicz Aug 18 '16 at 16:33