Summary
The presence of multiple domains associated with the 'Mail From' field stems from SMTP standards and email authentication protocols. The 'smtp.mailfrom' domain, verified by SPF, specifies the envelope sender. The Authentication-Results header displays various domains involved in authentication, including domains for DKIM and HELO/EHLO. The HELO/EHLO domain, though not in 'Mail From', affects deliverability through SPF checks. Additional domains can be the receiving domain or the authserv-id (often meaningless). Domain reputation, proper bounce handling, and alignment between HELO/EHLO and 'Mail From' are critical for deliverability. Older methods like Sender ID are less impactful than SPF, DKIM and DMARC.
Key findings
- SMTP and MAIL FROM: RFC standards define 'MAIL FROM' for specifying the reverse path, crucial for SPF.
- SPF Validation: 'smtp.mailfrom' undergoes SPF verification, acting as the envelope sender's identifier.
- Auth Results Diversity: The Authentication-Results header shows domains for SPF, DKIM, HELO, and potentially receiving servers.
- HELO Significance: The HELO domain plays a vital role in authentication and can impact deliverability.
- Reputation Effects: The reputation of all involved domains can impact email deliverability significantly.
- Sender ID Obsolete: Older methods, like Sender ID, are less significant in authentication processes.
Key considerations
- Enforce SPF Alignment: Ensure the HELO domain aligns with the 'MAIL FROM' domain, and both have correct SPF records.
- Check Headers: Examine headers like 'Received' and 'Authentication-Results' to understand the domain paths and authentication outcomes.
- Monitor Reputations: Monitor the reputation of all sending domains to ensure deliverability rates remain high.
- Ensure Bounce Handling: Properly configure bounce handling for the 'MAIL FROM' domain.
- DMARC: Implement DMARC, as multiple domains can be used for phishing.
What email marketers say
6 marketer opinions
Multiple domains in the 'Mail From' field and related authentication headers are primarily due to various email authentication mechanisms like SPF, DKIM, and DMARC. The 'smtp.mailfrom' domain is verified by SPF, while others can be related to DKIM signatures or HELO/EHLO. Domain reputation, alignment of domains (HELO/EHLO vs. MAIL FROM), and proper bounce handling all significantly affect deliverability. Failure of authentication for any domain involved can negatively impact whether the email reaches the inbox.
Key opinions
- Multiple Domains in Auth: The presence of multiple domains in authentication headers is a result of various email authentication processes.
- SPF Verification: The 'smtp.mailfrom' domain is verified by SPF and acts as the envelope sender.
- Domain Reputation: Domain reputation of any domain involved can significantly affect deliverability.
- Alignment Matters: Alignment between HELO/EHLO and MAIL FROM domains is crucial for avoiding deliverability issues.
- Bounce Handling: Proper configuration of the 'MAIL FROM' domain for bounce handling is critical for deliverability.
Key considerations
- Monitor Domain Reputation: Regularly monitor the reputation of all domains used in your email sending infrastructure.
- Ensure SPF/DKIM Alignment: Ensure proper alignment between SPF and DKIM records to improve authentication.
- Proper Bounce Configuration: Configure the 'MAIL FROM' domain to correctly handle bounces to avoid being flagged as a spammer.
- HELO/EHLO Configuration: Ensure the HELO/EHLO domain aligns with the MAIL FROM domain to avoid raising red flags.
- Authentication Results: Pay attention to the 'Authentication-Results' header to diagnose authentication issues and improve deliverability.
Marketer view
Email marketer from EmailOnAcid describes that the Authentication-Results header provides a summary of the authentication checks performed on the email. It explains different mechanisms like SPF, DKIM and DMARC that were applied. The header can display several domains that participated in the process of email verification. If the SPF and DKIM alignment don't line up then it can cause problems.
27 Dec 2024 - EmailOnAcid
Marketer view
Email marketer from GlockApps shares that domain reputation significantly impacts deliverability. If one of the domains involved (e.g., the sending domain or a domain used in redirects) has a poor reputation, it can negatively affect whether the email reaches the inbox. Monitoring domain reputation is crucial for maintaining good deliverability.
1 Aug 2023 - GlockApps
What the experts say
5 expert opinions
The presence of multiple domains related to the 'Mail From' field in email headers is explained by several factors including SPF verification, HELO/EHLO checks, and the inclusion of the authserv-id. The 'smtp.mailfrom' domain is the envelope sender verified by SPF, and the HELO/EHLO domain, while not directly in the 'Mail From' field, can also impact deliverability if it doesn't align with the SPF record. The second domain may also be the authserv-id, used in authentication results, or the receiving domain. ISPs consider all domains involved in the transaction when assessing email reputation and deliverability. Sender ID is an older method for determining the sender's identity, however is now not as important.
Key opinions
- SPF Verification: The 'smtp.mailfrom' is the envelope sender and is verified by SPF.
- HELO/EHLO Impact: The HELO/EHLO domain is checked during SPF authentication and can affect deliverability.
- Authserv-id: The second domain may be the authserv-id, which is used in authentication results.
- ISP Reputation Assessment: ISPs consider all domains involved in the email transaction when assessing reputation.
- Sender ID Relevance: Sender ID is an older, less significant authentication method.
Key considerations
- SPF Alignment: Ensure the HELO/EHLO domain aligns with the sending domain's SPF record to improve deliverability.
- Monitor Domain Reputation: Pay attention to the reputation of all domains involved in your email sending practices.
- Check 'Received' Header: Examine the 'Received' header to identify the HELO and other domains involved in the email's path.
- Understand Authentication Results: Familiarize yourself with the Authentication-Results header to understand how different domains are being evaluated.
Expert view
Expert from Email Geeks explains that the second domain in the authentication results might be the receiving domain, and it's unlikely to be included in the reputation calculation.
10 Feb 2023 - Email Geeks
Expert view
Expert from Email Geeks explains that smtp.mailfrom is the envelope from, which is verified by SPF. He also suggests the second domain might be the HELO, which SPF also checks against. Mentions that ISPs consider other domains in the transaction when assessing reputation, and you can check the 'received' header to see the HELO.
9 Feb 2023 - Email Geeks
What the documentation says
3 technical articles
The presence of multiple domains in relation to the 'Mail From' field is explained by the intricacies of SMTP and email authentication. RFC documents establish the 'MAIL FROM' command specifies the reverse-path, vital for SPF authentication. Microsoft's documentation clarifies the 'Authentication-Results' header can display different domains involved in the email path, including 'smtp.mailfrom' (verified by SPF), DKIM signature domains, and the receiving domain. Multiple domains reflect the different authentication stages and services involved in validating an email sender.
Key findings
- SMTP MAIL FROM: The 'MAIL FROM' command specifies the reverse-path or envelope sender.
- SPF Authentication: SPF uses the domain in the 'MAIL FROM' for authentication.
- Authentication-Results Header: The 'Authentication-Results' header can show multiple domains involved in authentication checks.
- Multiple Domains Reflect Stages: Multiple domains reflect different stages and services in email validation.
Key considerations
- Understand MAIL FROM: Understand the role of the 'MAIL FROM' command in specifying the reverse-path.
- Implement SPF: Implement SPF to authenticate the 'MAIL FROM' domain.
- Interpret Authentication Results: Learn to interpret the 'Authentication-Results' header to identify the different domains and authentication checks performed.
- Authentication Processes: Be aware that multiple authentication processes occur during email validation.
Technical article
Documentation from RFC Editor explains that SPF uses the domain in the 'MAIL FROM' (envelope sender) for authentication. The receiving server checks if the sending server is authorized to send email for that domain. It doesn't directly address two domains but establishes the importance of the 'MAIL FROM' domain for authentication.
19 Jan 2023 - RFC Editor
Technical article
Documentation from RFC Editor explains that the 'MAIL FROM' command in SMTP specifies the reverse-path, which can be a null path (<>) or an email address. While it doesn't directly address two domains, it establishes the syntax for the envelope sender.
29 Jun 2024 - RFC Editor
Can smtp.mailfrom be different from return-path and can bounces be returned directly to sender?
How do I ensure email deliverability with different return-path addresses and subdomains?
What are common terms for the envelope.from domain in email marketing?
What are the differences between 5321.from and 5322.from in email headers?
What does the 'Mail From' mean in DMARC reports and how does it relate to SPF and DKIM for Zendesk?
