Sending messages via Gmail fails SPF

#1

Hello!

Another person and I are both using email addresses hosted on my account at MXroute, although on different domains. We both use Gmail as a sort of email client: Gmail logs into the MXroute server via POP3 to receive messages, and via SMTP to send them. However, when I receive an email from the other person, Gmail marks it with the question mark icon that says that “Gmail couldn’t verify that [domain] actually sent this message”. I don’t know if this happens when I send an email to the other person or to other people. Looking at the message headers, I found this:


spf=fail (google.com: domain of [sender address] does not designate 209.85.166.51 as permitted sender) smtp.mailfrom=[sender address]
Received-SPF: fail (google.com: domain of [sender address] does not designate 209.85.166.51 as permitted sender) client-ip=209.85.166.51;

Received: from mail-io1-f51.google.com ([209.85.166.51]:44332) by friday.mxlogin.com with esmtpsa

Received: by mail-io1-f51.google.com with SMTP id j4so40869691iog.11

If I understand correctly, Gmail is not acting as the client, but as the sending server. How can it be, if it logs in to the MXroute server to send the message? I entered the MXroute server, port, password, etc. on Gmail.

The exact same setup worked fine with our previous email hosting, about a month ago.

Thanks!

#2

Hey friend!

Unfortunately Google applies SPF to Received headers when importing over POP3. While POP3 import is still what I recommend over forwarding, it would not be possible for you to ensure that every Received header matches SPF for every sender, this is just something that Google is going to keep doing.

The correct method for using SPF is to compare the IP of the server connecting to deliver the email to the domain in the From header. Since POP3 import bypasses this important connection, and they think we might not already do that, Google has opted to use this wrong method of checking SPF as a best effort to bridge the gap.

The short version is that Google doesn’t really want to be your email client software for another email service, and they won’t do much to accommodate it.

I can’t speak to why it didn’t look the same way using another service, as I am at least certain that I understand what they are doing here.

#3

Hi!

Thanks for your reply.

I asked the other person to send me an email as usual (using Gmail as the SMTP client and through MXroute’s server) but directly to my @gmail.com account. SPF passed. Emails from other people retrieved by Gmail via POP3 also pass normally. So it seems that the problem only happens when sending email between email addresses on the same server and retrieving it with Gmail, or something like that. Not a problem, I suppose. Gmail didn’t even send it to spam, just placed that ‘?’ icon there. I was worried that email would be marked as spam by other recipients, but apparently it won’t.

Thanks again!