Any body out there running without SPF and DKIM?

@lhubbard  why sending without SPF and DKIM? It’s just two entries in your DNS, it shouldn’t take no more than 5 minutes to confgure.

Technically you can be sending emails without DKIM and SPF, however, the deliverability will be very low. Messages will be marked as impossible to determine if they are coming from a legitimate sender and will most likely end up in people’s spam/junk folders.

In any case, make sure not to use your company’s main email domain, as all those messages detected as SPAM, will be decreasing the reputation of your entire domain. So, after some time, even emails sent from your email program with a proper SPF/DKIM, may be ending up in spam folders.

For any mass-mailing, you should use a subdomain (e.g. @notifications.company.com) or a dedicated domain (may be something entirely different like @academy-mail.com) with at least an SPF record created. Note, that the email domain doesn’t need to be the same as the address of your learning platform, of course the best, if it’s similar, so people won’t get confused.

You may also check with Docebo if it’s OK to use the docebosaas.com in the return address, this will be different, but should not get rejected as SPAM, as they probably do have relevant SPF records created.

Ultimately, may be better to consider using alternative ways of delivering notifications - Slack, in-app, instead of email.

@lhubbard  I don’t see many alternatives. As said, technically it will work, but it’s not a good idea and the user experience will be bad.

I’d rather try to work with people who defined those policies on getting an approval to register a dedicated domain for those notifications and configure SPF/DKIM there.

You can make a case, that every information security training is putting lots of emphasis on looking for potentially fake emails trying to phish people’s credentials. So, it would be creating a dangerous exception, if you start sending such emails on your own and keep telling your users to ignore the warnings.

As said, I’d suggest asking for a dedicated domain, which will be different to your standard email domain, so there will be no risk that someone will be able to use Docebo to impersonate an internal email address.

Getting a new domain is just a few dollars per year.

Re: using docebosaas - what’s a default from: address when you get a new Docebo instance created? In the end, you don’t have to use a custom domain for the platform, and I believe there was something in the “from:” address before we changed it to our own address. Or maybe I’m wrong, this was a long time ago when we were setting this up.

@Lucy.blake  That is the wall that I have run into. Thank you for the insight.

@nomo22  I don’t know the answer to that. I can tell you we are currently exploring the dedicated domain option.

Our IT dept won’t use SPF or DKIM, so I’m unable to send email notifications. I’m doing in-app notifications instead. Not ideal, but at least it’s something.