I’d like to use the SMTP relay facility from Google Workspace [1] to send emails, and I’d prefer to use IP authentication, rather than username/password authentication - especially since I have 2-factor authentication implemented.
To get this to work, I’d need to be able to (a) whitelist the IP addresses of your mail servers in the Google Workspace admin console, and (b) instruct QuickFile to use an SMTP server without authentication.
Would this be possible?
(As a note, ideally, instead of this I’d like to update the SPF record on my domain to allow your mail servers to send from it, and then specify the sending domain in the QuickFile email settings somewhere, which I feel would be a simpler/more secure/less hassle solution)
You can use our default set up, however these mail servers are actually AWS rather than our own. We don’t currently send emails from your domain name, only the quickfile.co.uk domain, which is already authenticated through Amazon. We do however set a reply-to address which is unique to your account, so all replies are routed back to you.
Thank-you so much for the quick response, and I appreciate you pointing me to the 2FA guide.
I am aware of app passwords, I just prefer to avoid authenticating with my credentials whenever possible, so an IP-based auth based on the G-Suite SMTP would be preferable. However, I understand it’s not so straightforward to support from your end.
Do you think there would be scope in the future for supporting sending from our own domains, provided the SPF records were correctly set-up? I could imagine a system where your own backend verifies the configuration periodically.
As a note, the reason I bring this up is because even with the Reply-To address set appropriately, certain systems are grouping all the emails from QuickFile into one thread, and this means in particular, one of my clients who deals with myself and someone else who also uses quickfile, have emails such as invoices/statements/etc aggregated together, as they all appear from “@post.quickfile.co.uk”.
Thanks again for your response, and best wishes,
Tom
It was something we used to support, but unfortunately it caused more problems than it resolved, even with the relevant SPK records in place. Even then, it only takes a few spam reports to blacklist any IP addresses, which affects all accounts using the same setup rather than just the one. I don’t think it’s likely that it’s something we’ll be re-adding unfortunately.
The app based password set up is the best way to go for this. Although it does mean sharing a password, that password is specifically for QuickFile, and be revoked at anytime through your Google account.