Fix Undelivered Mail Returned to Sender for hosteddomain.com

Posted on September 1, 2022

Gmail was responding with this message everytime I wanted to send an email on gmail account.

The MAIL FROM domain [gilacms.com] has an SPF record with a hard
    fail 550-5.7.26 policy (-all) but it fails to pass SPF checks with the ip:
    550-5.7.26 [216.40.44.12]. To best protect our users from spam and
    phishing, 550-5.7.26 the message has been blocked.

So, what you have to do, is to make sure you setup corrctly your SPF and DKIM on your DNS. They are both needed so gmail wont reject your emails.

SPF Records

Create a TXT record with one of these values

v=spf1 include:_spf.hostedemail.com ~all

if you also use sendgrid for emails, then:

v=spf1 ip4:216.40.44.0/24 include:_spf.hostedemail.com include:u10379184.wl185.sendgrid.net ~all 

You can generate or test your SPF record in these links:

https://www.zerobounce.net/services/spf-generator.html

https://www.kitterman.com/spf/validate.html

DKIM Records

1. Use DKIM key generator. For example https://easydmarc.com/tools/dkim-record-generator

2. Add the public key as a TXT record on the domain's DNS zone file. With subdomain <Selector>._domain key and value v=DKIM1;t=s;p=......

3. Log into the MAC and search for the domain in the top left.  On the domain overview page you will see a "DKIM" section, click to expand.  In the DKIM section there are two fields: Selector and Key.  Enter the selector you set for the domain and paste the private key into the key field.

Sources:

https://help.opensrs.com/hc/en-us/articles/203244333-Sender-Policy-Framework-SPF-
https://help.opensrs.com/hc/en-us/articles/4538515834267-Gmail-delivery-issues
https://help.opensrs.com/hc/en-us/articles/219554047-How-to-Setup-DKIM-for-Hosted-Email-Domains