Re: SPF for GoogleWorkspace + Shopify (DMARC issues -- surprise!)

SGM411 · ‎01-24-2024

Trying to edit SPF (in order to be able to add DMARC) and getting bounced between Google and Shopify, neither of which are helpful (or knowledgeable).

Shopify didn't stick to their Feb 1 deadline and instead started sending our emails from no-reply@shopifyemail.com today, Jan 24.

So we're trying to edit our SPF correctly as we use GoogleWorkspace to send emails and our domain is thru Google Domains (soon to be Squarespace but they haven't moved ours...yet) but obvi want shopify to send our emails from our address (which is already an authenticated domain). Can anybody from Shopify confirm that this is what our SPF record should list?

v=spf1 include:_spf.google.com include:shops.shopify.com ~all

dtrautz · ‎01-27-2024

Replying because I'm wondering the same and hoping to boost..

SGM411 · ‎01-29-2024

update: google domains automatically creates a DKIM when you start with google workspace...don't follow the steps google/shopify provides for creating DKIM as there's already one on your DNS if you're using google workspace w/google domains...EXCEPT apparently shopify can only work with 1024 DKIM (not 2048) and the DKIM that google domains automatically created when starting google workspace is 2048...

Shopify, are you listening at all? Your support pages and support staff are entirely inadequate, yet again.

MarcosPe · ‎01-29-2024

I need this solved as well.

We use google for my regular emails.

SGM411 · ‎01-29-2024

update two: this is what's worked for us (so far...anyway)

- create DKIM 1024 in google workspace (under apps, workspace, gmail, authenticate email)

- in google domains, delete DNS records ***just under the google workspace header (mx, spf x 2, dkim)*** (the only option for us was to delete--when we clicked on manage, it just went to the email tab)

- still in google domains, create a new DKIM record using the info from that DKIM 1024 you just created in google workspace

- go back to google workspace where you created the DKIM and click on start authentication...they say it may take 24-48 hours but was pretty quick for us...after a about 20 minutes and refreshing page, the status changed to "email authenticating"

- return to google domains and create new MX record -- below is what google domains gave us:

Host name: leave it blank
Type: MX
TTL: 3600
Data: 1 aspmx.l.google.com

Click "Add more to this record" four times and add these values under Data:

5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
Click Save.
If there's a prompt, click "Yes, replace records."

- then create your SPF as txt (we have other providers beside google and shopify but for just those two, we used
"v=spf1 include:_spf.google.com include:shops.shopify.com ~all"

- then add your DMARC

If anybody from shopify is out there and any of this is incorrect, would be great if you'd chime in...

We sympathize with everybody having a heck of a time dealing with this given shopify's extremely lacking DMARC support.

Altimate · ‎03-18-2024

THANKS for this - we will try this at our end.
One small note to all non-tech people "A Domain name can have ONE SPF RECORD ONLY", hence for us as we were non-google domain we added the shopify part to the SPF line - e.g. as follows

"v=spf1 include:YourNormalSPFRecord.com include:shops.shopify.com ~all"

TVNEnterprises · ‎02-02-2024

EcomBack has created an easy guide to setting up DMARC and SPF for Shopify and Klaviyo as well as tips on how to make email content accessible. Here is the blog post: https://www.ecomback.com/blogs/easy-steps-to-enhance-email-security-with-spf-dmarc-and-dkim-records

Re: SPF for GoogleWorkspace + Shopify (DMARC issues -- surprise!)

SPF for GoogleWorkspace + Shopify (DMARC issues -- surprise!)

Community Blog Articles