I have been asking for help fixing this issue for my outgoing shipstation emails - and support sent me here.
To find that it is no help other than to let me know I am not alone in this.
This is absolutely ridiculous - incredible that we pay for this service and cannot get modern security standards implemented in a timely manner.
For me to get DMARC compliant basically I have to send my OWN shipping notifications. I essentially disabled ALL notification emails (shipping and/or delivery) from SS and use Zapier and/or built in WooCommerce emails with a custom "Shipped" Status to get around it. Essentially I send NO email from SS anymore with or without my own domain. Screw it until they fix it that was the only way to stay DMARC compliant.
I suggest everyone simple stops using any/all of the SS notification emails (sadly they are nice and customized and branded with tracking links), but until they get off they butts and fix this issue and provide proper SPF/DKIM you will run the risk of having their emails dropped or Quarantined with a DMARC policy enabled.
Also support basically told me to "Not use a DMARC enabled Domain" which frankly is a Bull___ answer. I love the product for how it integrates to my stores, and other things, but that was a weak response to email security being around for years now. They just need to get their act together. Until then...just disabled all their notifications and work around it yourself in other ways. Zapier is your friend for this!!
Will this feature ever be added to ShipStation? I'm tired of the tracking information going to spam. I was thinking about two workarounds:
1. It looks like ShipStation is using Google for the mail server according to MX Lookup. Can't we just use that information in our SPF records to minimize spam?
2. Can we use something like Zapier to create a trigger in Microsoft 365 or Google Workspace to send out a notification instead of using ShipStation to do so?
Finally, why wouldn't the Mailchimp integration be changed so it can be used to send out email notifications?
If ShipStation isn't going to help us out with simple things like this, at least give us some options.
I want to voice my support for the addition of this functionality. This is critical to email deliverability and frankly, it's embarrassing that ShipStation doesn't support this. ShipStation is the only SaaS product we use that sends email on our behalf, but doesn't support proper authentication.
This issue has been discussed for so long without progress is disheartening, so we've just started work on sending shipping confirmation emails directly from our domain. ShipStation can be configured to send webhooks upon shipping an order, so it's a process of handling the webhooks, getting the order/shipment info we need, and recreating email templates. What a waste of time that we shouldn't have to deal with.
Wait is this seriously an issue? I came in here just trying to set up DMARC. Is there an spf record we need available? Way too many pages in this thread.