DEAR Sending Email and DKIM Configuration
POSTING ON BEHALF OF A CUSTOMER***
I just recently began to use DEAR at our company. One of the biggest gripes I have is with the email settings. There are essentially two options: send from DEAR (firstname.lastname@example.org) with your/billing contact's name or send as your/billing contact's email address. assume I'm not alone in wanting to be able to generate emails from DEAR's systems but appear to be coming from my own company's domain and therefore the first option is out of the question. The second option it is then.
However - as I've learned the last couple weeks is that I don't believe DEAR puts the correct email headers together when sending out emails on behalf of my company's domain. It says its coming from my company's domain, however in actuality it is coming from post.dearsystems.com. Spam filters (especially Microsoft 365) does not like the domain mismatches in email headers and junks the messages. I confirmed with support that there are no other alternatives to have this done properly.
Since communicating seamlessly with customers/other businesses via email for quotes, invoices, shipping notifications, etc. is critical I believe that DEAR needs to implement a better email solution.
DEAR requires/recommends that we set up appropriate SPF records designating DEAR's email servers to send on behalf of our domain which would work if they were sending the emails correctly (I think).I believe the problem is that DEAR is using their own DKIM signatures on outgoing emails (even on behalf of our domain), which forces them to send from the post.dearsystems.com domain which is what causes the domain mismatch issue. DEAR needs to either send non-DKIM signed messages so that the SPF records work as intended, or generate DKIM signatures for their subscribers' domains and then provide the appropriate DNS records to their subscribers. That way messages originating from DEAR's infrastructure are signed with the appropriate DKIM key and are verified via the subscriber's DNS domain key record.
This thread [https://support.dearsystems.com/support/discussions/topics/1000072104] from 6 years ago! suggests allowing us to email from our own servers which may work also, but I think is unnecessary if DEAR sends properly from their own infrastructure.
My workaround is to send emails from email@example.com to my own mail server, decode the specially formatted message, and then send the message (and attachments) to the appropriate recipient. Because its coming from my mail servers I avoid the whole mess of sending from DEAR to my customers. I'm happy to share more detail if anyone is interested (though the solution is specific to Microsoft 365 and Power Automate).
Thanks and I hope everything above is technically accurate!!
3 people like this idea