Not quite “From spoofing”, but legit.
This is one of those areas that spammers have made intensely difficult. It’s something I help others with often.
Even when we’re using Gmail or other email services to manage our email, and perhaps even when we’re primarily using our gmail.com email address, I’ve long held it’s important to be able send “from” your own domain name for a variety of reasons.
There are at least three ways to do it, ranging from simple but problem-prone to complex but more reliable.
Become a Patron of Ask Leo! and go ad-free!
Sending from your domain
Spammers have made email tricky. To send from your domain, you can 1) fake it (won’t work well); 2) only send through your domain’s SMTP server; or 3) configure a full send/receive email account. The last is the most reliable; it’s the most common, and your email comes directly from your domain’s server.
1) Lie
It’s important to realize that for many email systems, your email address and your account ID are two different things. They may have the same value, and often do — typically the email address — but they don’t have to.
So, when you configure an account using some other provider, you can just… lie.
For example:
In this example, I’ve specified that my email address is “me@randomisp.com”, and that my “outgoing mail server” (used to send email) is that of Yahoo! If this were to work, I would send email from my email address using Yahoo!’s mail servers.
It’s unlikely to work. Yahoo!’s mail servers should not allow email to be sent from domains it does not control, even if you’re signed in with a Yahoo! account.
Even if it worked, recipient email services are likely to consider the messages spam because the domain in the email address (randomisp.com) doesn’t match the domain(s) owned by the sending service (yahoo.com and others). This is a huge red flag for spam filters. It’s the reason I refer to this as “lying”; in effect, you’re saying “Yahoo! is okay with this” when they’re not. (While I’m using Yahoo! as my example, this is true for any other email service.)
2) Send only
This requires that your domain — in this example, randomisp.com — has email support of some sort. Most specifically, it must support your use of SMTP, the protocol used to send email.
You could configure your email program to send using that service. For example, this time, I’ve used Gmail’s “Send mail as” functionality (Found in Settings -> Accounts and Import).
I’ve still specified “me@randomisp.com” as my email address in a prior step, but now I’m asking Gmail to send the mail on my behalf.
In this scenario, Gmail doesn’t actually send the email itself; it connects to the randomisp.com server to send it on. In order to do that, I need to specify credentials to prove I’m allowed to send through that server. There are two typical approaches to providing those credentials.
- My full account credentials for leo@randomisp.com at the randomisp.com email server. I’ll discuss this approach as part of a full email account in a moment.
- Account credentials for any other account allowed to send email from randomisp.com. In the example above, I’ve specified the credentials for “sendingaccount@randomisp.com”.
The second scenario is common if you don’t have a full email account at randomisp.com. (There are valid scenarios for this.)
Now, when I send email “From:” me@randomisp.com, the following happens:
- Google’s mail server connects to mail.randomisp.com and signs in as sendingaccount@randomisp.com.
- Using that connection, Google’s mail server sends the email I’m sending to mail.randomisp.com.
- Randomisp.com’s email server sends the email on to its final destination.
This ensures that email “from” randomisp.com really comes from that server. The password requirement ensures that only allowed individuals can do this, not spammers.1
3) Use a full account
The simplest and most reliable approach to sending email “From:” any specific email address is to configure it as a complete email account for both sending and receiving. That way it’s completely separate and doesn’t depend on other email services.
In this example, I’ve set up a complete account in my email program for me@randomisp.com. The account is configured to send and receive email directly to and from randomisp.com’s mail server.
This is the simplest and by far most common solution. In fact, even though I’ve displayed the configuration details above, many email programs fill in that information for you, and they’re often correct with perhaps a little tweaking on your part.
It’s the most reliable approach because it’s the most direct. Your account sends email through your email provider. There’s no secondary “sending” account needed, and you’re going through the provider associated with your email address.
This is the approach I recommend. (I’ve used an email program for my example above, but you can often configure web mail services, like Gmail, to send and receive email from other accounts in the same way.)
Do this
If you can, use a full email account to send email from that account.
Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
Podcast audio
Footnotes & References
1: When no password is required, it’s referred to as an open relay, which is ripe for abuse by spammers.
I can’t see how anyone but a large business would use approach #2, a send only account. If you send from that account your recipient will see that address and sometimes press the reply button on that email. Some large businesses do this and the return address is of the format noreply@somerndomisp.com. I don’t see many other users needing this.
I use #3 with Thunderbird.
Note that the Send-only account is for logging in only. The FROM: address (and the address replied to) are still your address.