Email Authentication based on Client Domain
We want the FROM address set to our domain so that 'via Shipstation.com' does not appear on gmail. We also want to include your spf/senderId records in our spf/senderId records, have the email signed with our DKIM key and have the links use our subdomain instead of email.shipstation.com.
Here's how this works on a few of the major ESPs:
This will significantly improve deliverability and professional appearance.
VP of Marketing Technology
I’ve posted the following response to our ShipStation community thread and want to also share here for transparency:
Thank you for your candor with your feedback. We definitely understand and appreciate that the lack of responsiveness on this specific issue has been frustrating. We are working internally to improve how we review and respond to feedback so this doesn’t keep occurring in the future. And we apologize for failing to meet our users’ expectations around this feedback. We will do better and changes are already happening.
Our product team is investigating how to implement a workable solution for this that will not impact other existing functionality and properly uses the notification service that’s embedded in ShipStation. There are really two issues here that need to be addressed and they don’t affect all users equally:
Spam – ensuring the notification makes it to your user without getting filtered to their spam folder or blocked entirely.
Domain validation – which validates that you own and control the domain your email is coming from (there are some additional considerations here about what level of control should be implemented within ShipStation around these email settings – this is where the SPF/DKIM/DMARC/etc details come in).
Because of ShipStation’s level of configurability, we also have to consider the impact any change will cause to the experience of many different types of users. If a change is made available universally, and there are additional settings or configuration options that must be included to accommodate the change, how will this affect the experience of users at different levels? Could it potentially cause a mis-configuration to break notifications entirely? If we don’t implement the change universally, what’s the criteria used to determine this?
As of now, these are a few of the questions our product team is looking at (though there are many more). This change is still in the discovery phase and is not part of the upcoming sprint cycle of development work happening in April. We hope to have some decisions made around this by the end of the month and we’ll update this thread at that time.
In the meantime, we recommend what was suggested early on this thread – remove your email address from your stores’ Branding tab and allow ShipStation to send notification emails from tracking at shipstation dot com. If you have something in the Branding tab’s Company field, that will be used as the display value for the FROM field in your customers’ inboxes.
Thank you again for your input and patience.
Allen Pooley Darn Yarn commented
@Shipstation - You have a feature request from six years ago which you put into the "consideration queue" long after it became critically important. While you consider that, a LOT of us are going to consider the results of a google search for "shipstation alternatives".
Branding is important. Email authentication is important. Having emails coming from @Shipstation.com shatters the illusion for clients. Develop this. Enough is enough.
A C commented
Prospective client - can't believe this isn't available, I've been having to test out of my junk folder which is just ridiculous. All our other vendors are provide spf info so that this is a non-issue...
Dakota Hoard Big Frig commented
You guys are using SendGrid, right? Domain authentication of a platform's clients is a totally routine thing for them. I'm struggling to understand how this is taking so long unless ShipStation simply doesn't care. Do we really have to explain the critical importance of email deliverability and advocate for it for years? Let's address the fundamentals before we devote resources to superfluous features.
6 years this has been waiting...
We are actively working with our email notification partner to update the email notification process in ShipStation. We’ve taken your comments into consideration to help plan for how any new processes will be implemented.
When we've solidified a plan, we'll update the status of this idea to Planned.
I was reminded to come back to this thread after getting an email from ShipStation bragging about SMS support: "You asked, we listened"
Turns out SMS notifications have 152 votes and we're sitting here with 283 votes and 92 comments on a mission critical feature and you're still twiddling your thumbs.
ShipStation is a zombie company.
What is ShipStation's Sendgrid SPF Record? Per Sendgrid:
Each SendGrid account gets a unique SPF TXT record to authenticate their outbound mailings. An example of such a record is:
v=spf1 include:u123456.wl.sendgrid.net -all
If you can tell us what to use in place of "u123456.wl" that will help. Doing a TXT record lookup on shipstation.com it looks like it should be: "u877888.wl139.sendgrid.net"
We have that in place, but many gmail and yahoo users do not get their tracking emails. If you can provide a setting to send the emails as "firstname.lastname@example.org" but set a Reply-To field on those emails to our store emails that would allow the emails to be sent from a valid server and customer could still reply to us with question.
Go Fish Media | Shipping commented
Kudos to @lunacoffee for bringing up this very important issue recently in the Community Forums. And also kudos to @nick for providing a very useful, though not ideal and hopefully temporary, workaround: "remove your email address from your store setup page" and the "customer will get the email."
Yesterday it got worse; or better depending on your perspective? Status: 4.4.7 notices piling up in our customer support system.
100's of email delay notices streaming through since yesterday. At least we can confirm all the customers that have been complaining of no ship notice are justified.
Does anyone have recommendations for a replacement that is not a zombie app? Endicia was our backup but now they're just more of the same. We can't wait another 4 years for basic maintenance let alone innovation.
ShipStation used to make us happy (using 5+ years). That has not happened for quite some time.
Seriously? 4 years between replies from SS?
Gmail rejects all emails from ShipStation now. Not in spam folder, just blocked.
@Christo what do you use now? I'm open to switching platforms since nothing is keeping me here.
I've just started evaluating Shipstation. Lol. Basic fail. I have a perfectly good AWS SES dispatch confirmation with tracking code from a Woocommerce plugin. Every single evaluation point so far is worse than what I have now.
Teresa White Green Brier Distillery commented
We have implemented DMARC as part of an initiative to secure our brands and domains. Unfortunately, email delivery to our customers may be impacted if domain authentication is not available. We have worked with our other vendors to generate DKIM keys to prevent spoofing of our domains. This would be a great feature for you to provide us with.
Is there any solution on this issue?
Ben Bow commented
What are you using now @Jason?
Jason Lathrop Tektonic Candles commented
We left ShipStation over this issue, this week. Best of luck to those sticking around for this.
Ben Bow commented
Just ended up here trying to fix a problem that was my fault. Surprised to see its something that Shipstation could be actively improving on.
@Alan Attridge Myshroom Deedum LLC we're watching our DMARC reports and basing the SPF IP entries off of what we see. We've just recently started this, so a bit of time will tell if it works or not.
Seeing as SS uses sendgrid for the tracking notification emails, it's that range that's needed. I personally don't like to many IP address entries in SPF, but it's a necessary "evil" at this time due to the way SS does this. I'll report back on my findings.
PopShadow Decals PopShadowDecals commented
It doesn't really look like anyone is paying attention to this thread. It's actually so easy to fix, i can't believe we're being ignored.
Alan Attridge Myshroom Deedum LLC commented
@GPZ: Care to share the IP range? Thanks.