Reputation: 112
DMARC and SPF Alignment when using Mandrill
I want to understand the SPF alignment process when using Mandrill to send emails.
In this case, the envelope mail address is the Mandrill domain and the from header domain is example.com then we need to add an SPF record on the DNS configuration of our domain example.com. the SPF record should contain the sender address in this case it is the Mandrill server domain.
How does the DMARC alignment pass in this case? Even the relaxed alignment checks the subdomain, but we have a different domain here.
How do the verification protocols in the receiver mail system handle this? does this mean all our emails will be marked as spam? or is it enough to have the email domain in the from header the same as the domain name in GoDaddy example.com?
I tried to open Mandrill documentation and found nothing regarding SPF configuration, only the DMARC and DKIM instructions
Upvotes: -1
Views: 327
Answers (2)
Reputation: 21
DMARC requires only one mechanism (DKIM or SPF) to pass and align with the message's From domain. In your case, that's DKIM.
If you also want your SPF domain to align, set a custom Return-Path domain (a subdomain of your From domain) in Mandrill and use relaxed alignment (aspf=r, the default) in your DMARC record:
Upvotes: 1
Reputation: 112
In Google Doc i found the following:
To pass DMARC, a message must pass at least one of these checks:
- SPF authentication and SPF alignment
- DKIM authentication and DKIM alignment
So passing only DKIM alignment will be enough.
Upvotes: -1
Related Questions
- Configuring SPF/DKIM/DMARC for Google Apps Script
- DMARC -spf and DKIM record queries
- SPF / DKIM / DMARC with AWS SES dns setup
- Why SPF fail and DKIM passed in DMARC reports?
- SPF + DKIM pass and DMARC fails
- What is considered a DMARC failure?
- How do I setup SPF to Pass for Mailchimp, SES and EC2 so that DMARC doesn't partially failing due to misalignment
- DMARC/SPF/DKIM not authenticating with third-party mail