Skip to main content

Any unicorns out there running without setting up SPF and DKIM for emails? If you are, please DM me. I am dead in the water, hands tied, and running out of options.

@lhubbard  why sending without SPF and DKIM? It’s just two entries in your DNS, it shouldn’t take no more than 5 minutes to confgure.

Technically you can be sending emails without DKIM and SPF, however, the deliverability will be very low. Messages will be marked as impossible to determine if they are coming from a legitimate sender and will most likely end up in people’s spam/junk folders.

In any case, make sure not to use your company’s main email domain, as all those messages detected as SPAM, will be decreasing the reputation of your entire domain. So, after some time, even emails sent from your email program with a proper SPF/DKIM, may be ending up in spam folders.

For any mass-mailing, you should use a subdomain (e.g. @notifications.company.com) or a dedicated domain (may be something entirely different like @academy-mail.com) with at least an SPF record created. Note, that the email domain doesn’t need to be the same as the address of your learning platform, of course the best, if it’s similar, so people won’t get confused.

 

You may also check with Docebo if it’s OK to use the docebosaas.com in the return address, this will be different, but should not get rejected as SPAM, as they probably do have relevant SPF records created.

Ultimately, may be better to consider using alternative ways of delivering notifications - Slack, in-app, instead of email.


@alekwo  Running without because internal policy says no dice. I have zero wiggle room there.

 

Docebo does not allow you to use anything with a Docebo domain in the From section on a Notification.

Note- this is different than the Advanced settings or the place where password resets are.

 

We don’t have Slack.

We’ve been using email notifications for years, it was expected to be available when we moved to our new platform (Docebo). I can steer towards in app notifications, but I anticipate pushback (understatement).


@lhubbard  I don’t see many alternatives. As said, technically it will work, but it’s not a good idea and the user experience will be bad.

I’d rather try to work with people who defined those policies on getting an approval to register a dedicated domain for those notifications and configure SPF/DKIM there.

You can make a case, that every information security training is putting lots of emphasis on looking for potentially fake emails trying to phish people’s credentials. So, it would be creating a dangerous exception, if you start sending such emails on your own and keep telling your users to ignore the warnings.

As said, I’d suggest asking for a dedicated domain, which will be different to your standard email domain, so there will be no risk that someone will be able to use Docebo to impersonate an internal email address.

Getting a new domain is just a few dollars per year.

 

Re: using docebosaas - what’s a default from: address when you get a new Docebo instance created? In the end, you don’t have to use a custom domain for the platform, and I believe there was something in the “from:” address before we changed it to our own address. Or maybe I’m wrong, this was a long time ago when we were setting this up.


@lhubbard we’re running without DKIM as if we enable it on our server it blocks lots of our client emails. Docebo use two servers to send out notifications, one for people who have both SPF and DKIM enabled and the ‘other’ server for if you don’t. The ‘other’ server is slower and clunkier, so any issues or bugs with the emails we get hit. It is possible but it does end up with Docebo refusing or being stubborn about fixing any issues as we’re not running both SPF and DKIM. Good luck


@Lucy.blake  That is the wall that I have run into. Thank you for the insight.


Does anyone know if Docebo can send emails through an email relay service?  I’m about to run into the same issue with DKIM not being allowed.


@nomo22  I don’t know the answer to that. I can tell you we are currently exploring the dedicated domain option.


How about MX? What is it exactly and is it as important as SPF and DKIM? In this article it seems like it is important to configure all 3 records. but I have seen people mostly talking about SPF and DKIM, but not MX. 

 


Our IT dept won’t use SPF or DKIM, so I’m unable to send email notifications. I’m doing in-app notifications instead. Not ideal, but at least it’s something. 


We are having the same issue - our IT department is good with DKIM, but SPF is a different story. We tried a workaround using the server IP addresses but Docebo’s server that is restricted to only folks with DKIM and SPF set up doesn’t recognize that we have SPF set up because we didn't’ do it according to their strict requirements. We’ve had too many instances of users not getting notifications because we are limited to their “clunky” server… very frustrated and hoping for a solution soon! 


Reply