It looks like you're new here. If you want to get involved, click one of these buttons!
Use a basic Gmail account to "Send mail as" with a domain that uses Cloudflare email routing
May 6, 2022
If you’ve got a basic Gmail account like your.name@gmail.com (ie not a full Google Workspace account) and a custom domain that you want to send email from, using Gmail’s “Send mail as” functionality, and you want to use this domain with Cloudflare’s email routing then this guide is for you…
ytho?
First some background. Why would you want to do this? Typically, if you have a custom domain that you want to use for email, then you’d have to administer or have access to an email server for it. This email server will need to have DNS MX records set up for it, and will also need a good sender reputation if your emails aren’t going to end up in spam.
Normally, to “Send mail as” in Gmail, you’d enter the custom domain’s email server SMTP details, and your email username and password. Then when you send emails from Gmail, Google contacts that mail server, and the emails go out from it, rather than from Gmail.
The advantage of this is that you can let the domain’s email server sign the emails with a DKIM signature, as well as having whatever email addresses you want on that custom domain. The downside, is that you need an email server, and inboxes for those custom addresses.
However, now that Cloudflare have made email routing available for domains where they are the authoritative nameserver (host your domain’s DNS records), you can use Gmail to send emails using your custom domain, and Cloudflare to route them, doing away with the need for a custom mailserver entirely.
How to use Gmail’s “Send mail as” with a custom domain and Cloudflare email routing
Cloudflare, if not you’ll need to change the domain’s authoritative nameservers first. Then you can setup Cloudflare email routing.
You’ll be given some DNS records to set up by default, but you’ll want to alter these slightly.
1.1 Edit your SPF record
Your spf TXT record will need to look like this:
v=spf1 a mx include:_spf.google.com include:_spf.mx.cloudflare.net ~all
– we’ve added a mx include:_spf.google.com to indicate that google can send on our behalf, along with Cloudflare.
1.2 Edit your DMARC record
Change it so it looks like this:
v=DMARC1; p=none; rua=mailto:you@example.com; aspf=r;
– where example.com is your custom domain. The email address in the rua field can be anything at your custom domain; it’s where email providers will periodically send you aggregated reports about your domain’s email.
We’ve set the domain policy p to none (other options are quarantine and reject if sending mail fails to pass DMARC checks). The SPF alignment policy aspf is set to relaxed r.
Setting the above is critical to not getting your custom domain’s email bounced or rejected, especially as it won’t be DKIM signed by Gmail.
1.3 Create an Email Route
In your Cloudflare dashboard, click the Email option, then add a destination address - use your regular gmail address your.name@gmail.com etc. You’ll need to click the email that’s sent to you to confirm this.
Once you’ve done that, you can add a custom email address e.g. special@example.com and route it the gmail address you just confirmed.
2.1 Create an app password
First you’ll need to create an email app password in your Google account. Go to https://myaccount.google.com/apppasswords and choose Email from the “Select app” dropdown and Other for the device.
Copy the password that’s generated for you.
2.2 Add the email address to Gmail’s “Send mail as” section
There are detailed instructions on adding a new email address, but it’s relatively easy. Go to your Gmail account settings and in the Send mail as: section, click the Add another email address option.
In the pop-up, enter your custom domain’s email address, untick the Treat as an alias option, click the Specify a different “reply-to” address link and add the same custom email address in there. Then click Next Step.
https://support.google.com/mail/answer/22370
Gmail account settings: https://mail.google.com/mail/#settings/accounts
email app password that you generated: #21-create-an-app-password