SPF Authentication Email blocked when sending emails to Gmail accounts (Google Workspace)

jnstn.io · June 14, 2023, 1:01pm

Hello,
I have my domain with Google Domains, which has been set up with the Netlify Name Servers and is displaying my website as intended. As I have a Google Workspace account, I have also set up my mail records which have been working fine (for the most part). During set up, I added a SPF authentication record, as suggested by Google.

The issue I’m encountering is that when I send an email from my custom domain to a Gmail hosted address, my message is blocked with the following error:

550 5.7.26 This mail is unauthenticated, which poses a security risk to the sender and Gmail users, and has been blocked. The sender must authenticate with at least one of SPF or DKIM. For this message, DKIM checks did not pass and SPF check for [[jnstn.io](http://jnstn.io/)] did not pass with ip: [209.85.220.41]. The sender should visit https://support.google.com/mail/answer/81126#authentication for instructions on setting up authentication. k5-20020adfb345000000b003110d6bc9e1sor304228wrd.10 - gsmtp

I’ve gone through Google’s documentation and the Netlify Forums to try to resolve the issue, but the recommended solution seems to be to add the SPF authentication record (which has already been added).

Any help would be most welcome.

Domain / Netlify Site Name: jnstn.io
Netlify Site ID: b88a567f-5398-448d-aed3-7a1c4b62d7e5

fool · June 16, 2023, 9:31pm

Hi there,

As far as I can tell, this is your SPF record:

 % host -t txt jnstn.io
jnstn.io descriptive text "v=spf1 include:_spf.google.com ~all"

…However, it seems to only authorize Google’s netblocks, according to this lookup tool:

…which would not map to any location you could use Netlify to send mail from (since our dynamic workloads such as your functions do not run in Google’s cloud).

So - just to clarify - are you sending from a netlify function, or is this just “when I send from my normal mail client” ?

jnstn.io · June 17, 2023, 10:40am

I’m using Apple Mail as my client, and I think I have solved the issue now.
It was interesting that using that I was only getting bounce back when sending emails to @gmail.com addresses.

It seems that the issue was an incorrectly set DKIM record.
Now that the record has been updated to the correct Name and Value provided by Google Domains (TXT record), everything seems to be working.

Thank you for your help.

Topic		Replies	Views
Gmail blocking my emails sent from this domain Support email	3	1393	November 10, 2023
Gmail not working after adding netlify custom name servers in google domains DNS custom name servers Support netlify-dns-https-ssl	2	1088	March 11, 2023
Email Authentication for Google Domain Hosted on Netlify DNS Support authentication , netlify-newbie , email	6	2668	August 4, 2021
Google workspace DKIM Support netlify-newbie	1	300	February 13, 2024
Do emails get automatically blocked by Netlify DNS? Support netlify-dns-https-ssl , email	9	427	October 24, 2023

SPF Authentication Email blocked when sending emails to Gmail accounts (Google Workspace)

Related topics