SendGrid email service
The SendGrid Simple Mail Transfer Protocol (SMTP) proxy service provides outbound email authentication and reputation monitoring services, including support for:
- All outbound transactional emails
- Dedicated IP addresses
- Domain registration, DomainKeys Identified Mail (DKIM) signatures for email domain validation (for Pro Staging and Production environments only)
- Custom domain registration (for Pro only)
- Automated integration for Starter and Pro integration environments. Pro Production and Staging environments require manual provisioning and configuration during the Infrastructure as a Service (IaaS) hardware provisioning process
The SendGrid SMTP proxy is not intended for use as a general-purpose email server to receive incoming email or for use with email marketing campaigns.
Enable or disable email
You can enable or disable outgoing emails for each environment from the Cloud Console or from the command line.
By default, outgoing emails are enabled on Pro Production and Staging environments. However, Outgoing emails may appear disabled in the environment settings until you set the enable_smtp
property through the command line or Cloud Console. You can enable outgoing emails for integration and staging environments to send two-factor authentication or reset password emails for Cloud project users. See Configure emails for testing.
If outgoing emails must be disabled or re-enabled on Pro Production or Staging environments, you can submit an ÃÛ¶¹ÊÓƵ Commerce Support ticket.
SendGrid dashboard
All Cloud projects are managed under a central account, so only Support has access to the SendGrid dashboard. SendGrid does not provide subaccount restriction features.
To review the Activity logs for delivery status or a list of bounced, rejected, or blocked email addresses, submit an ÃÛ¶¹ÊÓƵ Commerce Support ticket. The Support team cannot retrieve activity logs older than 30 days.
If possible, include the following information with your request:
- the affected email address or addresses
- the timeframe in question (within the past 30 days only)
- the subject of the email
DomainKeys Identified Mail (DKIM)
DKIM is an email authentication technology that enables Internet Service Providers (ISPs) to identify both legitimate and fake sender addresses, a technique commonly used in phishing and email scams. DKIM relies on a domain owner managing the DNS records. When using DKIM, the sender server uses a private key to sign the messages. Also, the domain owner adds a DKIM record, which is a modified TXT
record, to the sender-domain’s DNS records. This TXT
record contains a public key that recipient mail servers use to verify the signature of a message. The DKIM public-key cryptography procedure enables recipients to verify the authenticity of a sender. See .
Sender and domain authentication
For SendGrid to send transactional emails on your behalf from Pro Production or Staging environments, you must configure your DNS settings to include the three SendGrid subdomain DNS entries. Each SendGrid account is assigned a unique TXT
record which is used to authenticate outbound emails.
example.com
) is configured, the emails from example.com
would be blocked by Sendgrid.To enable domain authentication:
- Submit a support ticket to request enabling DKIM for a specific domain (Pro Staging and Production environments only).
- Update your DNS configuration with the
TXT
andCNAME
records provided to you in the support ticket.
Example TXT
record with account ID:
v=spf1 include:u17504801.wl.sendgrid.net -all
Example CNAME
records:
DKIM signatures and automated security
You can select between automated and manual security when setting up an authenticated domain. If you choose automated security, SendGrid manages your DKIM and SPF records automatically. When you add a new dedicated sending IP address to your account, SendGrid updates your DNS settings and DKIM signature immediately. If you turn off automated security, you are responsible for updating your DKIM signature anytime you change your sending domain.
Example automated security enabled:
subdomain.mydomain.com. | CNAME | uxxxxxx.wl.sendgrid.net
s1._domainkey.mydomain.com. | CNAME | s1.domainkey.uxxxxxx.wl.sendgrid.net
s2._domainkey.mydomain.com. | CNAME | s2.domainkey.uxxxxxx.wl.sendgrid.net
Example automated security disabled:
me12345.mydomain.com | MX | mx.sendgrid.net
me12345.mydomain.com | TXT | v=spf1 include:sendgrid.net ~all
m1._mydomain.com | TXT | k=rsa; t=s; p=<public-key>
After domain authentication is set up, SendGrid automatically handles Security Policy Framework (SPF) and DKIM records for you. After SendGrid provides the CNAME
records to add to your DNS records, you can add dedicated IP addresses and make other account updates without having to manage your SPF records manually. See .
To test your DNS configuration:
dig CNAME em.domain_name
dig CNAME s1._domainkey.domain_name
dig CNAME s2._domainkey.domain_name
Transactional email threshold
The transactional email threshold refers to the number of transactional email messages that you can send from Pro environments within a specific time period, such as 12,000 emails per month from non-production environments. The threshold is designed to protect against sending spam and potentially damaging your email reputation.
There are no hard limits on the number of emails that can be sent in the Production environment, as long as the Sender Reputation score is over 95%. The reputation is affected by the number of bounced or rejected emails and whether DNS-based spam registries have flagged your domain as a potential spam source. See Emails not sent when SendGrid credits exceeded on ÃÛ¶¹ÊÓƵ Commerce in the Commerce Support Knowledge Base.
To check if maximum credits are exceeded:
-
On your local workstation, change to your project directory.
-
Use SSH to log in to the remote environment.
code language-bash magento-cloud ssh
-
Check the
/var/log/mail.log
forauthentication failed : Maxium credits exceeded
entries.If you see any
authentication failed
log entries and the Email sending reputation is at a minimum of 95, you can Submit an ÃÛ¶¹ÊÓƵ Commerce Support ticket to request a credit allotment increase.
Email sending reputation
An email sending reputation is a score assigned by an Internet Service Provider (ISP) to a company sending email messages. The higher the score, the more likely an ISP is to deliver messages to a recipient’s inbox. If the score falls below a certain level, the ISP may route messages to recipients’ spam folder, or even reject messages completely. The reputation score is determined by several factors such as a 30-day average of your IP addresses rank against other IP addresses and spam complaint rate. See .
Email suppression lists
An email suppression list is a list of recipients that emails should not be sent to if doing so would hurt your sending reputation and delivery rates. It is required by the CAN-SPAM Act to ensure that email senders have a method of opting-out recipients who unsubscribed or marked email as spam. The suppression list also collects emails that bounce, are blocked, or invalid.
To prevent emails from being sent to the spam folder in the first place, follow Sendgrid’s best practices article, .
If some recipients are not receiving your emails, you can Submit an ÃÛ¶¹ÊÓƵ Commerce Support ticket to request a review of the suppression lists and remove the recipient(s) if necessary.
For more details, refer to