Showing results for 
Search instead for 
Did you mean: 

Why sending email without a verified sender domain is dangerous and risky

Occasional Contributor

If you've been wondering why your "verified" email is still hitting spam folders of your customers, you're not alone. We've been talking with Shipstation about this very issue over the last 3 years of business, and we've been stonewalled, so I'm hoping to ask the community here about their experience with this.


Does domain verification matter?

Yeah you bet: Sending from a verified domain means you can prevent email fraud, improve your email deliverability, and help ensure continued delivery at receiving mailboxes. Email authentication is the key.

Email authentication isn’t just about security – it’s also about deliverability. By putting DKIM and SPF records in place and authenticating your emails, you can protect your brand and help your emails successfully reach the inbox.


All our over services offer this as standard internet security and safety - Jilt, Mailchimp, Mailgun etc - anywhere we send emails from we have to make sure we update our domain records. 


Why is shipstation not acknowledging this critical issue?


looking forward to a discussion, 





Occasional Contributor

You need to remove your email address from your store setup page.

The email then comes from instead of shipstation spoofing your email address like a spammer. Not the ideal setup but at least the customer will get the email.

The clowns at shipstation have been seeing posts about their email problem here for last 5 years, and continue to ignore/not think its a problem.

Shipstation needs to hire someone that knows anything about how email works, you don't seem to have anyone in the email dept. now

Occasional Contributor

You are definitely correct that this, hopefully temporary, workaround is far from ideal, but thank you @nick for sharing!


I am glad to see this huge issue may finally be addressed. Only time will tell...


Hello @lunacoffee and @nick,


Thank you so much for being a part of our community and for your candor. Your feedback is greatly appreciated. 


I wanted to let you and the community know that this is something we are aware of and that is currently being discussed and reviewed by our product management team.


In regards to the feedback forum, I want to assure everyone that while you may not always see public-facing updates this does not mean that this is not being discussed internally. We try to make sure that when we provide updates that they actually contain new and meaningful information so this is why you might see a delay in getting a new update. 


To give you a small peek behind the curtain, the product management team and the team monitoring the feedback forums meet bi-weekly to review ideas and make sure we are providing updates.


I would recommend subscribing to the following idea so you are notified when we have an update to provide. 


Email Authentication based on client domain


-Erin: Your Friendly ShipStation Community Manager 


Hoping to see some of these features implemented now that the new layout is getting more stable. This post is from 5 years ago, and there are many more features that this community assumes is never coming. Is there a place where I can see the "patch notes" when new features are implemented? Sometimes I avoid a broken feature of shipstation for a huge stretch of time only to find it was fixed recently when I check in.

New Contributor

In regards to the feedback forum, I want to assure everyone that while you may not always see public-facing updates this does not mean that this is not being discussed internally.

That an issue is being “discussed internally” also does not mean that those discussions are going to lead to anything that has meaning for users. None of us care about internal discussions. We care about ShipStation taking actions that fix longstanding problems that have been reported by multiple customers. I’ve been following three or four of these issues for several YEARS and this one is certainly the worst. It’s a showstopper problem that can be simply addressed by giving customers the ability to define appropriate SPF records in their DNS zone and it has been under “internal discussion” since 2016. Stop talking about it. It’s messed up. Fix it.


New Contributor

It is time to fix this problem shipstation. Unacceptable that it has been 5 years. Thank you @nick for the workaround. Stunning we have to resort to this type of thing and delete our email form the settings.


Just removed my email addy, so now all the replies to any shipping / tracking / delivery notification emails are NOW GOING TO TRACKING@SHIPSTATION.COM , right? 


I'm going to agree here, 5 YEARS and it's being "Discussed" bi-weekly?  Give me a friggin' break, that's a lame response.  All other providers that we use have AT THE MINIMUM an SPF entry we can use for email authentication and it didn't take them "5 years of behind the scenes discussions" to get it done.


Hi everyone, 


Thank you for your candor with your feedback. We definitely understand and appreciate that the lack of responsiveness on this specific issue has been frustrating. We are working internally to improve how we review and respond to feedback so this doesn’t keep occurring in the future. And we apologize for failing to meet our users' expectations around this feedback. We will do better and changes are already happening. 


Our product team is investigating how to implement a workable solution for this that will not impact other existing functionality and properly uses the notification service that’s embedded in ShipStation. There are really two issues here that need to be addressed and they don’t affect all users equally:


  • Spam - ensuring the notification makes it to your user without getting filtered to their spam folder or blocked entirely.
  • Domain validation - which validates that you own and control the domain your email is coming from (there are some additional considerations here about what level of control should be implemented within ShipStation around these email settings - this is where the SPF/DKIM/DMARC/etc details come in).


Because of ShipStation’s level of configurability, we also have to consider the impact any change will cause to the experience of many different types of users. If a change is made available universally, and there are additional settings or configuration options that must be included to accommodate the change, how will this affect the experience of users at different levels? Could it potentially cause a mis-configuration to break notifications entirely? If we don't implement the change universally, what's the criteria used to determine this?


As of now, these are a few of the questions our product team is looking at (though there are many more). This change is still in the discovery phase and is not part of the upcoming sprint cycle of development work happening in April. We hope to have some decisions made around this by the end of the month and we’ll update this thread at that time.


In the meantime, we recommend what was suggested early on this thread - remove your email address from your stores’ Branding tab and allow ShipStation to send notification emails from tracking at shipstation dot com. If you have something in the Branding tab’s Company field, that will be used as the display value for the FROM field  in your customers’ inboxes.


Thank you again for your input and patience. 




Sarah H.
Austin, Tx




Thank you everyone for your continued patience. We are actively working with our email notification partner to update the email notification process in ShipStation. We’ve taken your comments into consideration to help plan for how any new processes will be implemented.


We do not have an ETA right now, but we will continue to provide updates as this project progresses. 



Sarah H.
Austin, Tx