Thursday, April 16, 2026

Fixing SPF Fail when forwarding custom domain email to Gmail



How to Fix Email Forwarding Failures Using SRS

Note: This is a complex technical procedure. Do not attempt it unless you understand every component involved and know exactly what you are doing. Proceed at your own risk.

 
As of January 2026, Google has retired the "Check mail from other accounts" POP3 feature for Gmail. This means the service no longer supports pulling emails from external providers via POP3. Moving forward, setting up email forwarding is the primary way to manage a custom domain through the Gmail web interface.

Note: This guide assumes you already have your DKIM and DMARC records properly configured for your domain.

GOAL: For custom domain names, email forwarding must use SRS (Sender Rewriting Scheme), which rewrites the envelope sender at the forwarding hop, so that SPF checks do not fail. This is critical when using your own domain, such as fred@mycustomdomain.com, with Gmail.

SOLUTION: Use a Domain Host or DNS Host that supports SRS to forward your emails to Gmail. This fixes the SPF "breakage" that occurs during standard forwarding. Note that you will continue to SEND emails through your current outbound SMTP server.


GENERAL STEPS


1) Create a backup configuration of your DNS records. Export these from your current provider's portal. Ensure you capture every record, including "internal" or hidden records used for specialized services.

2) Move DNS Hosting to Cloudflare. Update your nameservers at your registrar to point to Cloudflare's servers.

3) Fix anything that might break during the DNS move. Identify services like domain forwarding or existing email forwarding that your previous DNS host was providing and replicate them in the Cloudflare dashboard.

4) Move Domain Registry to Cloudflare (Optional). While not strictly required, it is often easiest to have the DNS host and the registry be the same.

5) Wait 24 hours for propagation. Check that your DNS host has properly updated globally. Confirm that all services from Step 3 are stable.

6) Set up Email Routing at Cloudflare. Configure "Email Routing" for each address you want to forward to Gmail. Cloudflare will automatically suggest the necessary records. Crucial: If you already have an SPF record for your existing mail server, do not let Cloudflare overwrite it. You must merge the records so that you only have one v=spf1 statement containing all necessary "includes."

7) Fix the SPF records for Inbound and Outbound mail. Your SPF record must authorize both the forwarding path and your outbound sending path.

  • The Forwarding Path (Inbound): Cloudflare requires include:_spf.mx.cloudflare.net.
  • The Sending Path (Outbound): You must include your actual outbound mail server.
  • Example merged record: v=spf1 include:_spf.mx.cloudflare.net include:your-mail-server.com ~all
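The merge described in steps 6 and 7 can be checked offline before you touch DNS. The Python below is an added example, not code from Cloudflare or from this guide's original text: it combines several v=spf1 TXT strings into one record, flags the duplicate-record condition, verifies both required includes are present, and counts DNS-querying terms. The sample records are constructed, your-mail-server.com is the placeholder used above, and keeping the strictest "all" qualifier is a choice made for this example.

```python
import re

# DNS-querying terms; RFC 7208 section 4.6.4 allows at most 10 per SPF evaluation.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
STRICTNESS = {"+": 0, "?": 1, "~": 2, "-": 3}  # qualifier -> how strict it is

def merge_spf(records, required=()):
    """Merge v=spf1 TXT strings into one record. Returns (record, warnings)."""
    spf = [r for r in records if r.lower().split()[:1] == ["v=spf1"]]
    warnings = []
    if len(spf) > 1:
        warnings.append("multiple v=spf1 records: receivers return permerror")
    terms, seen, all_q = [], set(), None
    for rec in spf:
        for term in rec.split()[1:]:
            key = term.lower()
            if key.lstrip("+-~?") == "all":
                # Assumption of this example: keep the strictest "all" seen.
                qual = key[0] if key[0] in STRICTNESS else "+"
                if all_q is None or STRICTNESS[qual] > STRICTNESS[all_q]:
                    all_q = qual
            elif key not in seen:  # drop duplicate mechanisms
                seen.add(key)
                terms.append(term)
    for need in required:
        if need.lower() not in seen:
            warnings.append(f"missing required term: {need}")
    # Counts top-level terms only; lookups inside each include also count.
    lookups = sum(re.split(r"[:/=]", k.lstrip("+-~?"))[0] in LOOKUP_TERMS
                  for k in seen)
    if lookups > 10:
        warnings.append(f"{lookups} DNS-querying terms exceeds the limit of 10")
    merged = " ".join(["v=spf1", *terms] + ([all_q + "all"] if all_q else []))
    return merged, warnings

# Constructed sample input: a Cloudflare-style record plus an existing one.
# your-mail-server.com is the page's placeholder for the outbound provider.
PUBLISHED = [
    "v=spf1 include:_spf.mx.cloudflare.net ~all",
    "v=spf1 include:your-mail-server.com ~all",
]
REQUIRED = ["include:_spf.mx.cloudflare.net", "include:your-mail-server.com"]

if __name__ == "__main__":
    record, problems = merge_spf(PUBLISHED, REQUIRED)
    print(record)
    for p in problems:
        print("warning:", p)
```

Paste in the TXT values exported in step 1 and publish only the single merged string; rerunning the function on that one string should return no warnings.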


8) Test inbound forwarding. Send emails from various external services (Yahoo, Outlook, etc.) to your forwarded addresses. Check the headers in the receiving Gmail account to ensure SPF, DKIM, and DMARC all report a "PASS."

9) Test outbound sending. Send outbound emails from your custom domain and verify they are received by outside accounts. Since you have not changed the outbound SMTP path, these should remain functional, provided your SPF record was merged correctly in Step 7.