cancel
Showing results for 
Search instead for 
Did you mean: 
james35
First-timer (legacy)
Status: Completed
We want the FROM address set to our domain so that 'via Shipstation.com' does not appear on gmail. We also want to include your spf/senderId records in our spf/senderId records, have the email signed with our DKIM key and have the links use our subdomain instead of email.shipstation.com. Here's how this works on a few of the major ESPs: http://login.mg2mail.com/help/Content/Listrak_Manual/Branding%20Settings.htm https://mandrill.zendesk.com/hc/en-us/articles/205582387-How-to-Set-up-Sending-Domains https://sendgrid.com/docs/Glossary/email_authentication.html This will significantly improve deliverability and professional appearance. Best Regards, James Fredley VP of Marketing Technology FilterEasy
160 Comments
PrintBiz
New Contributor

edited- TEMPORARY SOLUTION (that worked for us)

After months of back and forth, multiple support tickets and escalations, we were left with no choice but to find another provider. Then out of nowhere, we received a response from the "Manager of Merchant Support", telling us to add a DMARC record which actually resolved all of our issues right away. It was really that simple. 

I won't share the DMARC record text that we used because it might vary for you (and I don't want to be responsible if it breaks something) but just contact your email hosting company and they should be able to help you get it done.

It's surprising how much time it took and how many different support people we went through for such a simple response. Kudos to the Support Manager, hopefully he shared his knowledge with the rest of support. 

See comments below from some more technically inclined users about using DMARC. 

I hope this helps!
If you need printing services (including custom packaging), contact us! www.mmprint.com 🙂

Lanbo
New Contributor

@PrintBizI just checked your DMARC record and all that is doing is basically telling the recipient's server to ignore DMARC checks because your DMARC policy is disabled. You have a valid DMARC record, but it is basically turned off. There are two verification methods for emails: SPF and DKIM. The DMARC record is what tells the recipient's server what to do with the email after running SPF and DKIM authentication and alignment. It's a little more involved than what I'm going to type, but the basics are that your DMARC policy can be set to accept all email regardless of outcome (basically disabled...the way yours is), or it can be set to either quarantine (usually move to junk mail) or reject (do not receive at all and return message to sender) based on one or both methods (SPF and/or DKIM). You should be receiving emails to the address you specified in your DMARC record that tells you when emails did not pass. You should review those and you'll probably see every email sent from shipstation is showing up there. The problem with the way your DMARC is setup is that I can send an email right now from my server claiming to be you, it will fail both SPF and DKIM but your DMARC record will still tell the recipient to accept it. A disabled policy is really only intended to be used for a short period of time to allow you to review the reports you receive to make sure that your records are setup properly (primarily the SPF record). Everyone should have a DMARC policy even if it is disabled like yours is. At the very least, it will give you notification when spammers are using your email addresses unauthorized as well as letting you know if something is setup incorrectly for legitimate email. Next month in February, Google and Yahoo will require a DMARC record AND it must pass DMARC (meaning it has to pass either SPF and/or DKIM) if you are sending more than 5,000 messages per day to their servers. That all sounds well and good, but I'm not sure how they will count that 5,000. Is it going to be 5,000 from me via shipstation and 5,000 from you via shipstation? Or will it count everything sent via shipstation regardless of who is shown as the "from" sender? I know I don't send more than 5,000 packages a day, so as long as it just relies on the "from" sender then I will be good. But if it aggregates all shipstation sent emails, regardless of the "sender" then we are all in trouble if you are using your own email address.

Here is some more reading for you if you're interested:

https://dmarcian.com/yahoo-and-google-dmarc-required/

Shipping55
Occasional Contributor

DMARC is not the same as authenticated email and DMARC=none is useless most people need to dial up to DMARC policy of REJECT which means you still need SPF/DKIM to pass authentication...this entire things is very complex..I wrote about it last year but a DMARC record is a pass/fail of authentication and "none" does nothing for you to prevent spam and authenticate messages.

https://chriscolotti.us/technology/how-to-get-safely-dmarc-fully-configured/

DMARC policy checks for Authentication first which is still a requirement if you want anything more than "none" in the DMARC policy

what @Lanbo said is accurate as well but the support manager has no idea how SPF/DKIM and DMARC all work if they told you to just add a DMARC record with "none"

PrintBiz
New Contributor

@Lanbo

You are absolutely right, I checked with our hosting company and they confirmed that we do have it set to email us. It is absolutely a temporary band aid. I'm not technically inclined about this stuff so I thought it was the solution. I edited my original post to reflect your comments!

100% agree, the right way to go about it is adding the SPF/DKIM but Shipstation doesn't offer that so this at least gets the emails out with our own domain for now until they fix it correctly or we find another solution. 

We tried using a gmail address and within a day or 2 google locked our account up because it was violating TOS. Plus, our marketing dept. was not happy about using gmail or a no-reply shipstation address in our emails to customers.

SHIPSTATION NEEDS TO GIVE US A PERMANENT SPF/DKIM SOLUTION.

The_Token_Shop
New Contributor

9 days....

Start_Haus
New Contributor

I'll share our fix to this dated problem.

Delete your company email from the branded tab (you can leave everything else, website, logo, phone, etc). Create a new template for both tracking confirmations and delivered confirmations (copy from default). Edit these new templates to remove the email field and enter a static value (your email @ your domain). Save.  Change the default email templates to use these newly created templates. Save. Emails are still branded, and emails are delivered.

While this solves the DEMARC deliverability issues caused by ShipStation effectively spoofing your domain, there are still problems with this.  If a customer hits "reply" to either the tracking or the delivery confirmation, it will bounce as tracking@shipstation.com is a no-reply address.  However, at least they are delivered, its a clean and branded email looking as though it is from your company, and the email contact is in the body of the email.

Rich
Occasional Contributor

@Shipping55 I agree that DMARC does not need DKIM to pass. For our BigCommerce store (which does not offer DKIM), we have SPF alignment and it passes DMARC according to our DMARC monitoring solution.

The requirement for Google and Yahoo is simply to pass DMARC with either SPF alignment -or- DKIM (for now).

ShipStation is failing SPF and DKIM, even though we have "include:email.shipstation.com" in our SPF record, so it must be SPF alignment that is failing.

 

WishShipStation
Contributor

And Ship Station continues on to do nothing about it.....

I have an open ticket with them from 10 days ago and still no response.  

Status changed to: Planned
Manager-Erin
Alumni
Alumni

Hey Community!

You may have heard about the Google and Yahoo! email updates, we have, too.

If you use ShipStation’s default tracking email for customer shipment notifications (tracking@shipstation.com), your emails are already configured to pass DMARC checks. You do not need to take any further action.

While ShipStation doesn’t currently support domain verification, we are working on a solution so that when your brand’s email is used to send notifications, the recipient’s mail server does not filter the email as spam. You can find additional updates or changes in this article. If any questions arise, please feel free to contact our support team.

Happy Shipping!


-Erin: Your Friendly Neighborhood ShipStation Community Manager 

Status changed to: Completed
MelanieV
Community Manager
Community Manager

Hello Community!

We are thrilled to share an exciting update, ShipStation now supports domain authentication to ensure your branded emails pass DMARC checks seamlessly and improve your deliverability rates.

We appreciate all your valuable feedback and suggestions. To set up and benefit from this feature, please review the feature requirements and steps in our "Configure Domain Authentication in ShipStation" article. For more insights into email authentication policies and protocols, explore our guide on Email Domain Authentication (DMARC).

As always, if you have any questions or concerns, please don't hesitate to reach out to us.