Menu
Reply
  • 18
  • 0
  • 2
skidderowe
Tuning in
398 Views
Message 1 of 23
Flag for a moderator

Adding an additional email account

Hopefully I can explain this correctly so that it makes sense, as my knowledge of email accounts is limited to say the least! So here goes....

I have a ntlworld.com email address which works fine. I also have my own domain.co.uk email address which is setup to forward to my ntlworld.com email address and that works fine too.

However I want to be able to send emails from my iOS iPad and Android phone so it looks like its coming from my domain.co.uk email address. How do I do this please??

0 Kudos
Reply
  • 931
  • 112
  • 624
coenoby
Well-informed
381 Views
Message 2 of 23
Flag for a moderator

Re: Adding an additional email account


@skidderowe wrote:

However I want to be able to send emails from my iOS iPad and Android phone so it looks like its coming from my domain.co.uk email address. How do I do this please??


What you have asked certainly makes sense.

In the early days of email you would have been able to send out emails with your 'mydomain.co.uk' address from your iPad or phone using the Virgin Media email servers that you use for your ntllworld emails. However that is no longer supported.

These days you need to use the incoming and outgoing email server names that relate to your 'mydomain.co.uk' email account. Those are referred to as the IMAP (or POP3) and SMTP details.

In my opinion, given your limited experience in these things, your best course of action would be to contact the Domain Registrar that you purchased your domain name from (Godaddy, Names.co.uk, 123 Reg or whoever) and get advice from them as to what your options are.

So called 'email forwarding' which is what you appear to have with your domain, usually comes free when you purchase a domain name but as you have discovered it is of limited use. To have the option to do what you are asking for will almost certainly involve an extra expense but it should not be too muchSmiley Wink

Coenoby

 

 

*******************************
I am just another Virgin Media customer.
If someone posts a useful reply you can say thanks by clicking on the thumbs up sign in their post.
If someone posts a message that solves your problem it helps everyone if you mark their post as a Helpful Answer
  • 17.15K
  • 941
  • 6.88K
Superuser
Superuser
350 Views
Message 3 of 23
Flag for a moderator

Re: Adding an additional email account

I'm going to tell you how to achieve what you want, but first I'm going to try and explain why your current setup is NOT a good.idea.

If you want to go ahead and do it anyway, skip to the end, but I strongly recommend not doing so.

Email is trying to adapt to combat From: address spoofing.

When email was invented the internet was in it's infancy, as such some design choices were made that were a spammers wet dream, that's not to say it was designed badly.  For the original Arpanet the design was adequate.  

One of the major flaws in SMTP was that there was no checking to see if the senders address was valid.  In fact the senders address didn't even have to match the author's address (in fact there's actually an important reason why that was the case.  This meant that ANYONE ANYWHERE could send emails with your address as both the sender and/or the From: address, and unless you dug into the email headers you'd never know.

There have been a number of aborted attempts to address this, but in the end three technologies have been settled on.  I'm now going to cover each in turn.

Bear in mind though that these technologies don't necessarily affect outgoing mail from your domain, they also affect what happens to inbound mails from other domains.

To understand the technology you do need to understand the difference between the Sender and Author of an email.

When you send an email your client actually sends the following two commands to the email server.

Mail From: <some@email.address> - This is the envelope sender
Rcpt to: <other@email.address>      - This is the envelope recipient

The From: and To: headers are actually part of the email itself, and while in MOST cases these will be the same as the envelope sender and envelope recipient respectively - in terms of email delivery - these headers are NOT the one's used when determining where a mail is sent or where undelivered mail is returned to.

For example If the mail server receives the following commands

mail from: <joebloggs@someaddress.com
rcpt to: <fredsmith@otheraddress.com

yet the email contains

From: annother@yetanotheraddress.com
To: juliesmith@onelastaddress.com

Fred will get a mail in his inbox seemingly addressed to Julie

If the mail is rejected then Joe will get the bounce that was seemingly written by Ann

For this reason the envelope-Sender and From: addresses are considered separate addresses when dealing with email.  As are the envelope-recipient and To: address.

In fact the only email address you can be 100% sure of until recently was the envelope-recipient.

Sender Policy Framework (SPF)

This looks at the sender of the email - that is the address found in the mail from: command rather than the from address.

It allows a domain owner to specify that the IP address delivering the mail to the recipients mail service is trusted,

take the following SPF record (this is a genuine one)

C:\Users\timdu>nslookup -type=txt ravenstar68.co.uk
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100

Non-authoritative answer:
ravenstar68.co.uk       text =

        "v=spf1 mx -all"

I use this record to tell the world that my mail comes from hosts specified in my domains MX records.

If I send a mail from my domain to my blueyonder.co.uk email address.  Virgin take the domain used in the envelope-sender and pull the above record.

They then look at my MX record

C:\Users\timdu>nslookup -type=mx ravenstar68.co.uk
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100

Non-authoritative answer:
ravenstar68.co.uk       MX preference = 10, mail exchanger = box.timothydutton.co.uk

box.timothydutton.co.uk internet address = 77.68.89.100

Finally they will check if the IP address of the mail server they are talking to matches the IP address above.  If it does the mail will pass on SPF, if not it will fail

Now this is OK provided the recipient doesn't have auto-forwarding set up.  When this happens the server that ends up delivering that mail to Virgin is that belonging to your forwarding service rather than my mail server.  So Virgin Media will fail the mail.

Note: to that in the original SPF specification:

  1. There were no checks to see if the envelope-sender matched the From: address
  2. The decision as to what to do with the failed mail rested with the receiving email administrator.

So while SPF is a start it's not perfect.  In fact your setup breaks SPF authentication on inbound mail.

DomainKeys Identified Mail (DKIM)

This was being developed alongside SPF and is an extension of a now deprecated standard called DomainKeys which was originally developed by Yahoo.

DKIM allows a domain administrator to publish a public key in DNS which is then used to determine if a mail is genuine.

Essentially what happens it this.

  • Author sends email.
  • Sending server uses a private key to derive a DKIM signature from a private key known to the server.
  • Sending server also hashes the body and selected headers of the email.
  • Signature and hash are written into a DKIM header and the email is sent on it's merry way.
  • Receiving server reads the DKIM signature and uses the corresponding public key to establish the signature is genuine.
  • The body hash is recomputed to see if it matches the body hash in the signature.  Unless the email has been altered in transit this should be the case.
  • If the signature and the body hash pass then the mail passes on DKIM

Fun fact 1:  The domain used to sign the mail is provided in the DKIM header, but under the DKIM standard there's no requirement that the domain be the same as that in the From: address. (Just like SPF)

Fun fact 2: Provided the mail is NOT altered in transit, DKIM checks SHOULD survive being forwarded, but:

  1. Some servers do change the mail before forwarding it on (even though they really shouldn't)
  2. DKIM has a known problem with mailing lists.

Finally: Just like SPF the DKIM specification doesn't say what to do when a mail fails on DKIM - again this was originally left up to the receiving email service.

So while DKIM is an improvement on SPF in some regards, once again it's not perfect.

So lets look at our final standard:

Domain Messaging Authentication Reporting and Conformance (DMARC)

DMARC provides the following

  • Authentication using DKIM and/or SPF.
  • Checks to ensure that the domain in the From: address matches the domains used in the SPF and DKIM checks.
  • Allows the domain administrators to tell the world what to do with emails that fail authentication checks.
  • Allows the domain administrator to provide email addresses for the receipt of reports on deliverability for their domain.

This is again handled in DNS by publishing a DMARC record

C:\Users\timdu>nslookup -type=txt _dmarc.ravenstar68.co.uk
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100

Non-authoritative answer:
_dmarc.ravenstar68.co.uk        text =

        "v=DMARC1; p=quarantine"

This is a very basic record which simply says any mail that fails authentication for the ravenstar68.co.uk domain should be quarantined.

C:\Users\timdu>nslookup -type=txt _dmarc.yahoo.com
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100

Non-authoritative answer:
_dmarc.yahoo.com        text =

        "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc_y_rua@yahoo.com;"

This is a slightly more complex record.  p=reject - reject failed mails altogether. pct=100 the percentage of mails to scan. (note this defaults to 100 so technically isn't needed here) rua= the address to send aggregate reports with statistics for mails delivered to a particular server.

With DMARC SPF is done as before BUT the domain in the envelope-sender is compared with the domain in the From: address.  If the two don't mach then regardless of the outcome of the SPF check - the mail fails on DMARC.  Likewise with DKIM if the domain used to sign the mail is different to the domain in the DMARC address a mail can pass on DKIM but fail on DMARC.

Finally so long as either

SPF passes (mail is being delivered by an approved IP address)
DKIM passes (mail has been properly signed and authenticated)

then DMARC passes so it's possible fo have SPF = fail, DKIM = pass or SPF=pass, DKIM=fail and still get a DMARC pass.

DMARC is not without it's issues mind you.  BUT it's a definite improvement on SPF or DKIM alone.

However when it comes to receiving mail.  You are somewhat at the whim of the both senders and forwarding servers here.  While Yahoo do use DKIM to verify their mail as well as SPF, what happens should DKIM fail because an intervening server has changed the mail. - In this case Yahoo say the mail must be rejected so Virgin's email server would dutifully do just that.

For that reason I STRONGLY suggest you either run your own email server or use a hosted email service rather than the setup you are using now.

If you still want to use Virgin Media's servers to send your mail then read my next post:

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply
  • 17.15K
  • 941
  • 6.88K
Superuser
Superuser
344 Views
Message 4 of 23
Flag for a moderator

Re: Adding an additional email account

Setting up to send as a third party address.

Make sure your SPF record is correct:

By default your SPF record won't include Virgin Media's SMTP servers.  SO If you do set up our iPad to send using Virgin Media's servers, Virgin Media will reject the send.  They do this to protect their service from being abused.

So you need to modify your SPF record to include Virgin Media's servers.

Lets say for example I wanted to modify my own record.

You may recall that previously my record is

 

"v=spf1 mx -all"

In order to include Virgin Media's SMTP relays I would ADD the following to the existing record

 

 

include:_smtprelay.virginmedia.com

But this needs do be added  BEFORE the -all  section.  So in my case the new record would be:

 

 

"v=spf1 mx include:_smtprelay.virginmedia.com -all"

Your final record would depend on the following:

 

  • Whether you want to use the servers specified in the original setup
  • What the orginal record was if you do.

As a BARE minimum you should use

"v=spf1 include:_smtprelay.virginmedia.com ~all"

This says your outgoing mail ONLY uses Virgin Media's smtp relays.

You need to set this up at your registrar in the DNS control panel.  If you need more help let me know.

As to setting up your iPad,  Once you've done the above - provided you have a Virgin Media email address on your system - it's easy to add the new address as a sending address.

  1. Tap settings
  2. Tap passwords and accouts.
  3. Tap your Virgin Media/Ntlworld/Blueyonder/Virgin.net account
  4. Under Imap tap your email address.
  5. Tap email
  6. Tap Add another email, type in your email and hit return.
  7. Note that you can specify what your preferred sending address is for that account by tapping on the relevant address so the tick moves.
  8. When you compose the email if you tap the From:/Cc:/Bcc: line to expand it, you can change the From: address when composing your mail.

Tim

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply
  • 18
  • 0
  • 2
skidderowe
Tuning in
304 Views
Message 5 of 23
Flag for a moderator

Re: Adding an additional email account

Tim, thank you so much for taking the time to give such a detailed answer. Although I really do appreciate it, I’m afraid that most of it is lost on me. That’s down to my ignorance and so apologies for that. It’s clearly not a simple task for someone of my computer knowledge and so I will probably just contact my domain provider and let them sort it out.

  • 17.15K
  • 941
  • 6.88K
Superuser
Superuser
296 Views
Message 6 of 23
Flag for a moderator

Re: Adding an additional email account


@skidderowe wrote:

That’s down to my ignorance and so apologies for that. It’s clearly not a simple task for someone of my computer knowledge and so I will probably just contact my domain provider and let them sort it out.


The best way to become less ignorant is to bite the bullet and try and sort it yourself.  The first time I had my own domain, (under Freenetname)  I was extremely ignorant about DNS.  In fact the domain lapsed when I stopped using freenetname.  But even when I purchased my own domain more recently, I was still quite ignorant.

The main things you need to learn:

How to I manage my DNS myself?

Most DNS hosts provide some method of managing your DNS records, if you let me know who your domain provider is, I can walk you through their interface.

Trust me, it's far more satisfying than letting someone else do it.

What is it they say?

"Give a man a fish - he'll feed himself for a day.  Teach a man how to fish, and he'll feed himself for life."

Adding or amending the entry you need is usually very simple.  Adding the email address to an existing email account on the iPad turned out to be a lot simpler than I thought it would be. 

The only thing that makes it more difficult is the fact that Virgin Media do some unusual checking on their outbound servers which makes it necessary to ensure your SPF record is correct.

Tim

________________________________________


Only use Helpful answer if your problems been solved.

  • 18
  • 0
  • 2
skidderowe
Tuning in
273 Views
Message 7 of 23
Flag for a moderator

Re: Adding an additional email account

Thanks again Tim. It was very late when I read your reply last night, so will have a look at it again when I can allocate some time and I'm not so tired!

By the way, my domain host is UK2 Net

0 Kudos
Reply
  • 17.15K
  • 941
  • 6.88K
Superuser
Superuser
266 Views
Message 8 of 23
Flag for a moderator

Re: Adding an additional email account

Here's the help pages that point you to managing tour DNS

https://www.uk2.net/knowledgebase/display/UK2/How+To+Manage+DNS+In+CHI

If you use the information there to show the advanced options, you should be able to see all the records already in use on the account.

Look for the section labelled Text or TXT Record.

Check to see if you already have a record that starts v=spf1 - If you do then you just need to modify this record to add 

include:_smtprelay.virginmedia.com

Somewhere between the spf1 and the last ~all entry (note the underline character is required.

Note that as far as I can tell the TTL's cannot be amended - so DNS servers such as Virgin Media's will cache any entry they find for the period specified in the TTL - (default appears to be 24 hours).  This is how DNS is designed.

If you need specific help or you want me to check your current DNS record, drop me a PM with your domain.

Tim

________________________________________


Only use Helpful answer if your problems been solved.

0 Kudos
Reply
  • 18
  • 0
  • 2
skidderowe
Tuning in
249 Views
Message 9 of 23
Flag for a moderator

Re: Adding an additional email account

Tim,

I've had a look as you suggested and there is nothing currently in the TXT box. There is an option to add a new TXT record and it asks me for a Name, Value and some drop down options for TTL. Is this where I need to enter something??

Options for TTL are 1 min, 5 mins, 15 mins, 1 hr, 4 hrs and 1 day.

0 Kudos
Reply
  • 17.15K
  • 941
  • 6.88K
Superuser
Superuser
238 Views
Message 10 of 23
Flag for a moderator

Re: Adding an additional email account

Name will be one of three things

<left blank>
@
domainname.co.uk

I can't be specific as to which as it's not clear from the instructions. Try it with nothing first if that's not allowed try the @ symbol next.

 Value

"v=spf1 include:_smtp.virginmedia.com ~all"

Keep TTL low at first while you are trying to get this sorted at 1 minute.  We can change the TTL to a higher value one we know the record is right.

To test the record open a cmd window and type in the following command

nslookup -type=txt domainname.co.uk

Obviously replace the domain with your own domain.

For example if I wanted to look up the record for ravenstar68.co.uk

C:\Users\timdu>nslookup -type=txt ravenstar68.co.uk
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100

Non-authoritative answer:
ravenstar68.co.uk       text =

        "v=spf1 mx -all"

You're not going to break anything by entering an invalid TXT record - So feel free to experiment with each alternative until you get the right result.

Tim

 

________________________________________


Only use Helpful answer if your problems been solved.