
Sending email using your own domain

I have my own domain name, let’s call it Fred.com. It’s hosted by Freeparking.co.uk but I only use their mail forwarding service so anything sent to fred.com comes to me.

In my smtp settings, I have all the blue yonder settings except the email address (the one shown to the receiver) is john@fred.com. 

I’ve been having loads of bounces and rejections or email not being received so I’m having to send via my gmail account.

I send email primarily through my iPhone and iPad but also through a laptop and Mac occasionally. 

What is it I need to do in order to get this working again? I’ve found a thread that mentions how to set this up but I’m not understanding it and I work in IT.

https://community.virginmedia.com/t5/Email/Sending-email-using-your-own-domain/m-p/3716147#M157860

I’d be grateful for any help  

thanks 

 

 

 


Re: Sending email using your own domain

It helps to know what error messages you are getting.  You can post them on here and mask out any personal information such as full email address.

With regards to my post what part do you not understand?

To clarify what SPF is - imagine 3 people: Bob, Alice and Fred.

Bob normally passes any messages he has to send via Alice, so he puts the word out that only messages arriving via Alice should be treated as genuine.  Thus when Fred receives a message from Alice claiming to have been sent by Bob then he accepts it as genuine.

One day a 4th person called Mark tried delivering Fred a message claiming to be from Bob. Fred checks and sees that only Alice should be delivering Bob's mail, so Fred either rejects the message outright or is very careful about trusting the message.

SPF works in exactly the same way.  It essentially says that messages being sent from my domain will use mail servers on specific IP addresses.  While there are a number of directives in SPF, ultimately they all resolve to a valid IP address or list of IP addresses.

Take for example one of my own domains.

C:\Users\timdu>dig txt ravenstar68.co.uk

; <<>> DiG 9.10.6-P1 <<>> txt ravenstar68.co.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47375
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;ravenstar68.co.uk.             IN      TXT

;; ANSWER SECTION:
ravenstar68.co.uk.      1800    IN      TXT     "v=spf1 mx -all"

;; Query time: 75 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Sat Jun 01 11:51:13 GMT Summer Time 2019
;; MSG SIZE  rcvd: 73

This states that only mail coming with an IP address that matches my MX records should be treated as genuine.  If we look at the MX record:

PS C:\Users\timdu> Resolve-DnsName -Type MX ravenstar68.co.uk

Name                                     Type   TTL   Section    NameExchange                              Preference
----                                     ----   ---   -------    ------------                              ----------
ravenstar68.co.uk                        MX     1688  Answer     box.timothydutton.co.uk                   10

And then finally the address of box.timothydutton.co.uk:

PS C:\Users\timdu> Resolve-DnsName box.timothydutton.co.uk

Name                                           Type   TTL   Section    IPAddress
----                                           ----   ---   -------    ---------
box.timothydutton.co.uk                        A      806   Answer     77.68.89.100

So if I send you an email from an address ending with ravenstar68.co.uk - UNLESS the mail server that delivers the mail is on 77.68.89.100 the mail will be deemed to be suspicious.

Virgin Media have gone one step further.  They won't allow third-party mail to be sent via their servers UNLESS the SPF record allows it.  Take the following record:

timothydutton.uk.       1800    IN      TXT     "v=spf1 mx include:_smtprelay.virginmedia.com -all"

Note:  This was set up as I wanted to demonstrate how to send via Virgin Media's servers while using a relay server on my home PC to sign mail with DKIM.   The key element here though is that I've included Virgin Media's SMTP relays in the list of servers allowed to send for my domain.

So you need to go to your domain's control panel and make sure your SPF record includes _smtprelay.virginmedia.com (Note the leading underscore character).

However you might want to consider doing away with forwarding altogether.  Anti-spoofing techniques mean that use of forwarding servers can end up with inbound mail being rejected or marked as spam even if it is originally from a genuine source.

At time of writing Zoho mail still allow mail hosting for a single domain with up to 25 email addresses on that domain.  There are other alternatives.  I currently host my own mail on an Ubuntu Virtual Private Server using Mail in a Box.

Tim

 

As a Very Insightful Person, I'm here to share my knowledge. I don't work for Virgin Media.


Re: Sending email using your own domain

In the so-called 'good old days' email sending and receiving was a bit of a wild west. The spammers, and pretending that email has come from one address when it actually came from elsewhere (spoofing), have made it vastly more important that email systems take some steps to verify that the mail is genuine before delivering it or just reject it.

What's happening here is something like this

You compose an email from john@fred.com (so far all well and good)
You submit that to VM's mail server - you have a valid account so you can put in your VM account details to authenticate yourself, the VM mail server accepts the message and starts to forward it in.
The message arrives at the destination email server which starts to run a few checks. What it might do is go through the (normally invisible) header on the email and check which server it originally came from. It finds that the message originated from a VM server and starts to think to itself 'hold on this message apparently originated from a VM system (it looks only at the first server not the address of your PC etc on which the message was originally written), but the domain name is @fred.com - so why would VM be handling mail for that domain? All looks a bit dodgy so I'll bounce that message and not deliver it to the destination.'

Alternatively it might do a reverse DNS lookup and see if the message has come from the same IP address as used to send messages to fred.com - they won't match so again the message is flagged as suspicious.

Sender Policy Framework (SPF) is a very common check to see if email has originated from where it should have, and @ravenstar has explained how that works, and there are other methods which may or may not be used.

The point is the onus to do this is all on the receiving system and some are more rigid than others, which is why sometimes your mail gets through and other times it doesn't. Sometimes it works for a while to a particular recipient and suddenly stops working for no obvious reason; the reason generally is that the receiving system have tightened up their policy and started dropping your messages.

So assuming that you have control of the DNS records for your domain, you need to start by adding a new TXT (text) record. The hostname part of the new record can be left blank, leave the TTL as the default (probably 3600) but the body of the record should read:

"v=spf1 include:_smtprelay.virginmedia.com ~all"

Watch out for the spaces, the colon and the underscore, they're all important.

It works like this

v=spf1 is just the version number but it also tells the destination system that this is an SPF record (as an aside, there used to be a specific SPF record type in DNS but it's no longer used)

include:_smtprelay.virginmedia.com   (simply means the received email should have originated from this address)

~all       the ~ (tilde) character means a soft fail, basically the receiving system should accept mail from any source and decide itself what to do about it, -all is a hard fail, in other words if it hasn't originated from the system specified then definitely kill it. I can't see much advantage in the hard fail option (unless you know for a fact that your domain is being spoofed and used to send out spam) and generally just opt for the ~all at the end.

If you send out email via multiple relays then you can chain up additional names (there is a limit though so not too many), so if you also wanted to set it up so you can use Google's servers to send out mail, other than setting up the gmail accounts your SPF record would look like

"v=spf1 include:_smtprelay.virginmedia.com include:_spf.google.com ~all"

As always, whatever you do, it's up to the receiving system as to what they do with the messages regardless, you can't force the issue - there are absolutely no guarantees with email delivery!

Best wishes

John
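
How a receiving server evaluates the SPF records discussed in this thread, as an added example that is not code from any of the posters: a subset of the RFC 7208 check covering a, mx, ip4, include and all, including the 10-lookup limit that caps chained includes. The ravenstar68.co.uk records are the ones quoted above; fred.example and the relay range 192.0.2.0/24 are constructed placeholders, not Virgin Media's published values.

```python
import ipaddress

# Constructed DNS data so the example runs offline. The ravenstar68.co.uk
# records are the ones quoted in the thread; fred.example and the relay
# range 192.0.2.0/24 (a documentation range) are placeholders.
TXT = {
    "ravenstar68.co.uk": "v=spf1 mx -all",
    "fred.example": "v=spf1 include:_smtprelay.virginmedia.com ~all",
    "_smtprelay.virginmedia.com": "v=spf1 ip4:192.0.2.0/24 -all",
}
MX = {"ravenstar68.co.uk": ["box.timothydutton.co.uk"]}
A = {"box.timothydutton.co.uk": ["77.68.89.100"]}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
MAX_LOOKUPS = 10  # RFC 7208 cap on DNS-querying terms per evaluation


def check_host(ip, domain, budget=None):
    """Return the SPF result for a connecting IP (subset of RFC 7208)."""
    budget = [MAX_LOOKUPS] if budget is None else budget
    record = TXT.get(domain, "")
    if record.split()[:1] != ["v=spf1"]:
        return "none"                        # domain publishes no SPF record
    client = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        result = QUALIFIERS.get(term[0], "pass")  # bare mechanism means "+"
        mech, _, arg = term.lower().lstrip("+-~?").partition(":")
        if mech == "all":
            return result
        if mech in ("a", "mx", "include"):
            budget[0] -= 1                   # each of these costs a DNS lookup
            if budget[0] < 0:
                return "permerror"           # too many chained lookups
        if mech == "ip4":
            matched = client in ipaddress.ip_network(arg, strict=False)
        elif mech in ("a", "mx"):
            names = MX.get(arg or domain, []) if mech == "mx" else [arg or domain]
            addrs = [a for n in names for a in A.get(n, [])]
            matched = any(client == ipaddress.ip_address(a) for a in addrs)
        elif mech == "include":
            inner = check_host(ip, arg, budget)
            if inner in ("none", "permerror"):
                return "permerror"           # missing or broken include target
            matched = inner == "pass"        # only an inner pass is a match
        else:
            raise NotImplementedError(term)  # outside this example's subset
        if matched:
            return result
    return "neutral"                         # record had no matching term
```

A message relayed by a forwarding server arrives from the forwarder's IP, so `check_host` returns `fail` or `softfail` for the original sender's domain even though the mail is genuine.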