[HN Gopher] Use a custom domain to send emails with Gmail using ...
___________________________________________________________________
Use a custom domain to send emails with Gmail using Cloudflare
email routing
Author : Gadiguibou
Score : 151 points
Date : 2022-11-18 19:02 UTC (1 days ago)
(HTM) web link (jay.gooby.org)
(TXT) w3m dump (jay.gooby.org)
| doctoboggan wrote:
| I've tried various versions of this and have always had
| deliverability issues. Never tried with Cloudflare though.
|
| Can anyone who has done this exact setup report on their
| experience with deliverability?
| mmarquezs wrote:
| I haven't used it much, but personally I replaced the Gmail
| Outbound server for Sendgrid. Inbound I still use the Cloudflare
| system.
| computerfriend wrote:
| I think I tried exactly this configuration a few months ago. I
| also had deliverability issues.
| blahgeek wrote:
| By deliverability issues, I believe you mean outbound mails? I
| have the same concern but I don't think that's related to the
| cloudflare though. It's only about using gmail SMTP server to
| send custom domain emails without correct signing
| doctoboggan wrote:
| Yes I mean outbound email being marked as spam or otherwise
| not being delivered to my recipient's email.
| kweks wrote:
| I do this with MailGun across a multitude of professional /
| company domains. Never had a problem with deliverability.
| MailGun has a very nice option where you can use RegEx in your
| routing rules, even across domains (and subjects, recipient,
| etc)
| weird-eye-issue wrote:
| Cloudflare will have nothing to do with your deliverability
| because that is only being used for receiving emails
| RileyJames wrote:
| Interesting setup. I use https://forwardemail.net for this use
| case. It's certainly easier to set up, and it's cheap ($18 for 6
| months).
|
| It means I have email setup for all my side/small projects and
| spare domains, all forwarding to the few active inboxes I keep.
| esperent wrote:
| I'm in the process of switching from forwardemail to mxroute.
| It's $45/yr for unlimited domains and email accounts, 10gb
| storage.
|
| Have not tested it yet, but it looks good. Their customer
| service is _salty_ though. Definitely a service geared towards
| people who already know what they are doing, so ah... wish me
| luck!
|
| Along the way I did evaluate Cloudflare email routing and it's
| great, for what it does. For personal email on a custom domain
| through a gmail account, I set everything up in 15 minutes. You
| end up using the gmail smtp server. Presumably you can use any
| provider with smtp if you don't like gmail. However... No
| pop/imap which was a deal breaker for me and why I'm moving on
| from forwardemail in the first place, hence moving to Mxroute.
|
| I also tested Zoho mail. Not great, not awful. Very confusing
| UI.
| sethd wrote:
| I love Cloudflare and really want to use this but I need the
| ability to route to multiple (2-3) destinations. :)
| rdsubhas wrote:
| I've tried this. Most of my emails land in either "Promotions" or
| "Updates", or worse - Spam.
|
| If you really want your emails to be delivered to most recipients
| Inbox - I would not recommend this.
|
| To validate - please go to https://www.mail-tester.com - in 15
| seconds it will evaluate and print your email score (you send it
| a dummy email). The main thing I see with using free gmail as a
| custom domain proxy SMTP is: It does not do DKIM (email
| signatures) except for @gmail.com or google workspace accounts.
| This reduces the sender score by a LOT.
|
| Edit: The same is also true with forwardemail.net or any
| "incoming" email routing (free or paid). Because incoming email
| is just one step of using a custom domain. The main thing is the
| "Outgoing" email server. Unless outgoing email has full DKIM
| support for your custom domain, your emails are going to struggle
| reaching the recipient.
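
An added example, not part of the thread: a quick header check for the point made in the comment above, reporting whether a message's DKIM signing domain (`d=`) or envelope sender (`Return-Path`) matches the `From` domain, which is what a receiver's DMARC evaluation looks at. Both sample messages are constructed, the domain match is a simplified stand-in for organizational-domain alignment, and no signature is cryptographically verified.

```python
import email
from email.utils import parseaddr

def _domain(addr):
    """Lower-cased domain part of an address header, or '' if absent."""
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def _related(a, b):
    # Simplification (assumption): equal, or one is a subdomain of the other.
    # Real relaxed alignment compares organizational domains via the
    # Public Suffix List.
    return bool(a and b) and (a == b or a.endswith("." + b) or b.endswith("." + a))

def dkim_domains(msg):
    """Collect the d= tag of every DKIM-Signature header (not verified)."""
    found = []
    for sig in msg.get_all("DKIM-Signature", []):
        for part in str(sig).split(";"):
            key, _, value = part.partition("=")
            if key.strip() == "d":
                found.append(value.strip().lower())
    return found

def alignment_report(raw):
    msg = email.message_from_string(raw)
    from_dom = _domain(msg["From"])
    return {
        "from_domain": from_dom,
        "dkim_aligned": any(_related(d, from_dom) for d in dkim_domains(msg)),
        "spf_aligned": _related(_domain(msg["Return-Path"]), from_dom),
    }

# Constructed sample: custom From, sent through a personal Gmail account,
# no DKIM signature for the custom domain.
VIA_GMAIL_SMTP = (
    "Return-Path: <someone@gmail.com>\n"
    "From: Me <me@example.org>\n"
    "To: you@example.net\n"
    "Subject: hello\n\nbody\n"
)
# Constructed sample: an outbound provider that signs for the custom domain.
SIGNED_BY_DOMAIN = (
    "Return-Path: <bounce@mailer.example.net>\n"
    "DKIM-Signature: v=1; a=rsa-sha256; d=example.org; s=sel1;\n"
    " bh=PLACEHOLDER; b=PLACEHOLDER\n"
    "From: Me <me@example.org>\n"
    "To: you@example.net\n"
    "Subject: hello\n\nbody\n"
)
```

A message where both `dkim_aligned` and `spf_aligned` are false has nothing tying it to the `From` domain, which matches the low sender score described above.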
| Arcuru wrote:
| All these articles really need to clearly lay out the downside.
| You can't send emails as the custom domain. At best, your emails
| will say "sent by x@gmail.com on behalf of officialdomain.org"
| hnthrow10282910 wrote:
| Like within the header? It will show the custom domain in the
| from field of the email. I'm not sure what the big deal is, but
| I'm curious.
| rnk wrote:
| It doesn't look professional, it could be more likely to be
| rejected as spam.
| ignoramous wrote:
| One can in fact send emails from Workers with their Cloudflare-
| registered domain name through MailChannels [0]. We use it to
| send _MagicLinks_ [1]. And intend to impl DKIM signing, soon [2].
|
| [0] https://blog.cloudflare.com/sending-email-from-workers-with-...
|
| [1] https://github.com/celzero/otp/blob/f6bb5593c5173a2844178638...
|
| [2] https://mailchannels.zendesk.com/hc/en-us/articles/712284923...
| modernerd wrote:
| I'm using the MailChannels integration for contact forms on
| Cloudflare Pages (including Cloudflare's Turnstile CAPTCHA
| alternative [1]). It works really well.
|
| [1] https://www.cloudflare.com/en-gb/products/turnstile/
| truetraveller wrote:
| Can MailChannels be used for commercial purposes? Any limits?
| Can I create a "newsletter" SaaS, like MailChimp? Seems too
| good to be true.
| xmorse wrote:
| I think SendGrid uses MailChannels to send newsletter emails
| and probably most other email marketing tools too
| icy wrote:
| This is neat. I've been using Oracle's Email Delivery service
| because it's dirt cheap -- I didn't know I could do it for free
| using Workers. I'm going to try this.
| ttul wrote:
| MailChannels CEO here. We love to hear use case stories like
| this. Please don't hesitate to reach out to me on LinkedIn [1].
|
| [1] https://www.linkedin.com/in/ksimpson/
| zfa wrote:
| Can someone with more knowledge on this subject explain if
| there's a technical reason Cloudflare can't 'properly' MITM the
| inbound email.
|
| That is you have your MX records pointing to `mx.example.com` in
| your example.com zone config, and enable the Cloudflare proxying
| of it (usual orange cloud in the UI).
|
| Now, once it's proxied, Cloudflare returns the IP of _their_
| mailserver instead of yours on public lookup, just as they do
| when returning the IP of a proxied webserver.
|
| So this Cloudflare MX server gets your mail, and then as it knows
| your 'real' MX server it connects to that server and delivers it
| to you, maybe adding some header or other on the way.
|
| I don't like the fact they use bog-standard forwarding as it
| necessitates messing with your SPF records, getting crazy
| forwarding headers and having to navigate ARC etc.
|
| There just seems to be a cleverer way to do this than just do
| what everyone else does, and they're generally ahead of the curve
| technically. Must be something I'm missing.
| justsomehnguy wrote:
| > Cloudflare can't 'properly' MITM the inbound email.
|
| Define 'properly'.
|
| It's a bog-standard forwarding specifically because this is the
| only way to have two separate systems to operate.
|
| Gmail doesn't know that `yourdomain.tld`[0] is yours and that
| if it receives anything to *@yourdomain.tld it should route it
| to yourmailboxname@gmail.com.
|
| If you don't point yourdomain.tld MX records to Cloudflare then
| Cloudflare would never receive anything to @yourdomain.tld,
| because MX doesn't point at them.
|
| [0] the only way for it to know that is to run some Google
| Business or whatever it's called now, where you actually ...
| point yourdomain.tld MX records to Gmail and it would process
| them... but it would not deliver them to
| yourmailboxname@gmail.com!
|
| BTW it would be absolutely the same idea if instead of
| Cloudflare you would use Google Business (again, whatsitsname).
| You would set up 'Send As' in yourmailboxname@gmail.com as a
| usual SMTP identity which would allow you to use _Gmail
| interface_ to send from somename@yourdomain.tld, and similar
| you need some way to explain to Google /Gmail that all mails at
| *@yourdomain.tld should be forwarded to
| yourmailboxname@gmail.com.
| zfa wrote:
| Yeah, sorry I meant as a soln for when your backend MX
| actually is *your* backend MX. That is, it knows it hosts the
| mailbox for localpart@example.com and the mail recipient
| address matches on the envelope.
|
| I understand the vagaries wrt forwarding to an account of a
| different name and you're spot on there.
| robjan wrote:
| For that to work the destination server, in this case Gmail,
| would have to know to deliver mail addressed to me@domain.com
| into your Gmail mailbox. In this example it's a limitation on
| the Gmail side.
|
| Domains and subdomains are handled by DNS which is why
| Cloudflare can E2E proxy them. Email mailboxes are handled by
| an application running on a server.
| zfa wrote:
| Sorry - just had to clarify elsewhere too so I obviously
| wasn't clear... I meant in situations where the backend MX
| has a mailbox which matches to mail recipient as in the case
| where you're running your own mail server and would like
| Cloudflare sat in front of it just like they sit in front of
| your own webserver.
|
| Obviously if there's any recipient address translation in
| play forwarding becomes necessary.
| ignoramous wrote:
| > _That is you have your MX records pointing to
| `mx.example.com` in your example.com zone config, and enable
| the Cloudflare proxying of it (usual orange cloud in the UI)._
|
| Support for such use cases is imminent:
| https://blog.cloudflare.com/announcing-route-to-workers/
| zfa wrote:
| Interesting. I have a few bits and pieces on my Workspace
| domains to automate mail processing using Google Apps Script
| so will have to see if I can move that over to Cloudflare. Be
| nice to extend the functionality to non-GMail inboxes. Thanks
| for the heads up.
| zeusly wrote:
| There's also https://forwardemail.net which I really love
| _nalply wrote:
| Did you configure DKIM?
| evolve2k wrote:
| I see the use case as being for all my side project domains.
|
| After doing stuff like this for years, I've ended up going to
| Migadu, unlimited domains for under $100 year (cheapest plan is
| $19/yr for almost unlimited domains)
|
| https://www.migadu.com
|
| The Missing Email Service For Domains
| saagarjha wrote:
| This seems far more complicated than it had to be? My email
| (saagar@saagarjha.com) is backed by a personal Gmail account.
| When I receive mail my domain registrar has some aliases set up
| to catch it and forward it to my Gmail inbox. When I send mail it
| goes through an alias:
| https://support.google.com/domains/answer/9437157. No need to set
| up a mailserver at all.
| weird-eye-issue wrote:
| I think you completely misread the post, or maybe you didn't
| read it at all
|
| They aren't setting up a mailserver
|
| They are just using Cloudflare's email routing to do what your
| registrar is doing
|
| It seems like everything else is mostly the same except your
| alias approach has some downsides that the OP's maybe doesn't:
|
| "Important: While these directions let you send emails from a
| custom email alias at your domain, email recipients can still
| find your personal Gmail address if they inspect the email
| headers. Emails from your alias are not digitally signed and
| are more likely to be flagged as spam."
| saagarjha wrote:
| I know they aren't, they're trying to avoid doing that. I
| suggested another way they could. Based on what other people
| are saying, about how Cloudflare messes up the sender field
| for you, I feel like having a Gmail address in the headers
| might be better.
| weird-eye-issue wrote:
| > about how Cloudflare messes up the sender field for you
|
| ... What? Cloudflare has nothing to do with the email
| sending so it doesn't mess up any sender fields. If you
| mean for receiving emails, the sender field has always been
| totally fine for me. I don't see anybody complaining about
| it, I think you are misunderstanding other comments
| saagarjha wrote:
| https://news.ycombinator.com/item?id=33666119
| weird-eye-issue wrote:
| Right... That is from Gmail. Cloudflare has literally
| nothing to do with that...
|
| Also it's not even accurate, if you set up the alias
| correctly that doesn't happen
| amatecha wrote:
| I went the opposite direction and am now paying for Proton and
| have set up my domains there. For me personally, a better
| approach than increasing my reliance on a second cloud service
| (Cloudflare) while continuing to benefit the original (Google)
| and experience its extreme degree of privacy invasion. This might
| not be the perfect solution, but for me it's definitely a step in
| the right direction, even if I move onto something else later.
|
| Further, considering I am regularly inexplicably blocked from
| accessing websites because they use Cloudflare "protection"
| (which doesn't like OpenBSD + Firefox strict privacy setting),
| and considering their recent conduct, there's zero way I'd ever
| consider using Cloudflare's services regardless of potential
| usefulness. Not to mention giving up even more control of the
| internet to these "superpowers" seems like a terrible idea for
| everyone's sake, IMO.
| vanilla_nut wrote:
| As someone privacy minded, how do you manage domain ownership?
| I've recently jumped into this world myself and I feel as
| though most registrars are unsavory in some way.
| amatecha wrote:
| Oh, what aspect of domain ownership? I mean, yeah it's true,
| the whole market around domains is super sketchy and
| basically unethical IMO, domains should be like $5-10/year at
| most, for any TLD. I'm using NameCheap, which I fortunately
| haven't heard any horror stories about, but yeah, I don't
| have any more faith in them than anyone else, I just got an
| awesome deal to move my domains over years ago and they
| seemed to have a good reputation at the time.
| vanilla_nut wrote:
| I use NameCheap as well for similar reasons -- their
| pricing seems as fair as it gets in the domain business,
| and they haven't tried anything scummy enough to make me
| switch providers.
|
| One thing I don't understand: why can't I pay $100 today
| and get some kind of proof of ownership for life? Is that
| just impossible with the domain system as it is?
| quesera wrote:
| > why can't I pay $100 today and get some kind of proof
| of ownership for life?
|
| Because Annual Recurring Revenue (ARR) is everything in
| this business, and the registries (Verisign etc) are
| monopolies for a given TLD.
|
| The _registrar's_ minimum cost to hold annual
| registration on a .com domain is a bit higher than $9.15
| ($8.97 to Verisign registry, $0.18 plus accreditation and
| variable fees to ICANN).
|
| The rest of your registration fee is revenue to the
| registrar (minus payment processing fees, and plus any
| upsells).
|
| Registrar pricing is all over the place. GoDaddy _used to
| be_ low-cost, high upsell. Now they are on the high end
| of normal pricing (and still high upsell! Don't use
| GoDaddy!).
|
| A quick survey of .com annual renewal prices:
|   $ 9.15 Cloudflare
|     9.73 Porkbun
|    12.00 Google
|    14.76 Namecheap
|    20.17 GoDaddy
|
| NOTE: Cloudflare apparently absorbs the accreditation and
| variable ICANN fees without passing them on to the
| customer. These fees total ~$20-45K/yr depending on
| domain volume -- assume the maximum for Cloudflare. So
| they are losing a very small amount of money with every
| domain they register. Loss leader, etc, I'm sure it's a
| smart marketing write off for them.
|
| https://domainnamewire.com/2022/02/10/verisign-announces-ano...
|
| https://www.icann.org/resources/pages/registrar-fees-2018-08...
| kevin_thibedeau wrote:
| Oddly enough, Google Domains is the least bad in this regard.
| They have an interest in not compromising their control of
| .dev and it's enough of a small potatoes activity that it can
| escape subversion into a profit center.
| _nalply wrote:
| Especially if you have a good domain they stop reminding you
| to renew the domain and oops you lost the domain. Happened to
| me.
| sideproject wrote:
| I do something similar with a tool I made & use
|
| https://newsy.co
|
| It works great. I don't use Cloudflare email routing service but
| use something else. But I did a manual test with Cloudflare and
| it worked really well (thinking of changing it actually).
___________________________________________________________________
(page generated 2022-11-19 23:02 UTC)