If you’ve got a basic Gmail account like
firstname.lastname@example.org (ie not a full
Google Workspace account) and a custom domain
that you want to send email from, using Gmail’s “Send mail as” functionality,
and you want to use this domain with Cloudflare’s email routing then this guide is for you…
First some background. Why would you want to do this? Typically, if you have a
custom domain that you want to use for email, then you’d have to administer
or have access to an email server for it. This email server will need to have DNS
MX records set
up for it, and will also need a good sender reputation if your emails aren’t
going to end up in spam.
Normally, to “Send mail as” in Gmail, you’d enter the custom domain’s email server SMTP details, and your email username and password. Then when you send emails from Gmail, Google contacts that mail server, and the emails go out from it, rather than from Gmail.
The advantage of this is that you can let the domain’s email server sign the emails with a DKIM signature, as well as having whatever email addresses you want on that custom domain. The downside, is that you need an email server, and inboxes for those custom addresses.
However, now that Cloudflare have made email routing available for domains where they are the authoritative nameserver (host your domain’s DNS records), you can use Gmail to send emails using your custom domain, and Cloudflare to route them, doing away with the need for a custom mailserver entirely.
How to use Gmail’s “Send mail as” with a custom domain and Cloudflare email routing
1. Configure Cloudflare
You’ll be given some DNS records to set up by default, but you’ll want to alter these slightly.
1.1 Edit your SPF record
spf TXT record will need to look like this:
v=spf1 a mx include:_spf.google.com include:_spf.mx.cloudflare.net ~all
– we’ve added
a mx include:_spf.google.com to indicate that google can send on our behalf, along with Cloudflare.
1.2 Edit your DMARC record
Change it so it looks like this:
v=DMARC1; p=none; rua=mailto:email@example.com; aspf=r;
example.com is your custom domain. The email address in the
rua field can be anything at your custom domain; it’s where email providers will periodically send you aggregated reports about your domain’s email.
We’ve set the domain policy
none (other options are
reject if sending mail fails to pass DMARC checks). The SPF alignment policy
aspf is set to relaxed
Setting the above is critical to not getting your custom domain’s email bounced or rejected, especially as it won’t be DKIM signed by Gmail.
1.3 Create an Email Route
In your Cloudflare dashboard, click the Email option, then add a destination address - use your regular gmail address
firstname.lastname@example.org etc. You’ll need to click the email that’s sent to you to confirm this.
Once you’ve done that, you can add a custom email address e.g.
email@example.com and route it the gmail address you just confirmed.
2. Configure Gmail
Next we’ll do the Gmail configuration.
2.1 Create an app password
First you’ll need to create an email app password in your Google account. Go to https://myaccount.google.com/apppasswords and choose
Other for the device.
Copy the password that’s generated for you.
2.2 Add the email address to Gmail’s “Send mail as” section
There are detailed instructions on adding a new email address, but it’s relatively easy. Go to your Gmail account settings and in the Send mail as: section, click the Add another email address option.
In the pop-up, enter your custom domain’s email address, untick the Treat as an alias option, click the Specify a different “reply-to” address link and add the same custom email address in there. Then click Next Step.
Overwrite the value for SMTP Server. Use
smtp.gmail.com, leave the Port option as is.
Username should be the name part of your regular gmail address, so if you’re
firstname.lastname@example.org then you’d enter
your.name. The Password is the email app password that you generated above. Click the Add Account button. You’ll be sent an email to the custom email address you entered. Click the link in this, and you’re good to go.
You’ll be able to compose emails in Gmail and set the sender to your custom domain email address, and when people reply, Cloudflare will route these back to your regular gmail account, all without you needing a separate custom mail server.
Things to be aware of
Your primary gmail address is visible in the email headers
If you send email using the alias you’ve set up, your primary gmail address is shown in the email headers - you can’t mask your original gmail email.
As long as you’ve added the correct SPF DNS record, your deliverability should be fine. The email won’t be DKIM signed by Gmail, but it will pass SPF checks.
This HN comment suggests otherwise, but I actually tested deliverablity using mail-tester.com and got a score of 7.5/10. The email lost 0.5 because it was an alias coming from gmail (
HEADER_FROM_DIFFERENT_DOMAINS), 1 for not being DKIM signed (which is OK, as long as you have SPF set up correctly as above) and 1 because Gmail is in some email blackhole lists ¯_(ツ)_/¯
- Patch for aarch64 (aka arm64) openssl 1.0.2 'relocation R_AARCH64_PREL64 against symbol OPENSSL_armcap_P error'
- TIL: the `NO_COLOR` informal standard to suppress ANSI colour escape codes
- Copy the contents of a branch into an existing git branch without merging
- Adding search to a static Jekyll site using pagefind
- asdf, python and automatically enabling virtual envs