DMARC fail

Regarding a domain.square.site (i.e. Weebly), I can't seem to find any supporting documentation explaining the needed DNS changes so that mail sent from there doesn't go to Spam. This involves SPF and DKIM (which according to headers inexplicably do pass, but shouldn't be absent the DNS changes), and DMARC (which does not).


Order emails go "to" the Weebly "Owner" account and come "from" the email listed in Store Information. That "from" address is one of ours, of course, and since emails are being sent from another provider (Weebly uses SendGrid), that's considered spoofing the sender, and such mails go to Spam.


I could go into further details, but I'd just like to be pointed to where what I'm discussing is explained. It must be somewhere, since I see no option of NOT sending "from" one of our addresses as opposed to one of yours (with some exceptions, like the Contact Form).


I don't want to contact support about this since this should be a public discussion to at least get something on this topic into the record.

Message 1 of 9

Welcome to Seller Community and thanks for your post, @sqr.


We don't currently have any documentation specifically about adding a SPF and DKIM records to your domain. For the former, this usually works for most domains:



v=spf1 a mx include:_spf.google.com include:sendgrid.net ~all



I have Google in the record because so many people use G Suite for their domain email.  If other sellers have set up SPF and DKIM records I'd love to see what they are using, though!


Community Moderator, Square
Sign in and click Mark as Best Answer if my reply answers your question.
Message 2 of 9

Sure, I can try adding the Sendgrid part tp SPF, but I hadn't tried that before because the header shows that it's already passing, even though that should be impossible:


Authentication-Results: spf=pass (sender IP is
smtp.mailfrom=promote.weebly.com; ourdomain.ca; dkim=pass (signature was
verified) header.d=weebly.com;ourdomain.ca; dmarc=fail action=none
header.from=ourdomain.ca;compauth=fail reason=601


I don't know if you have access to an Order email, but I'd love to see your pass/fails for those three. Normally, only SPF *or* DKIM need to pass for DMARC to pass, so that's why I'm doubly confused by the above.

Message 3 of 9

Tested, and it made no difference.

Message 4 of 9

Maybe this is something for the Weebly side. I guess I'll try there, though they'll say to try here.

Message 5 of 9

They shouldn't need to pass you back here since this is definitely a question that falls within the Weebly realm. They might need to escalated this to their Advanced Support team for further investigation.


Community Moderator, Square
Sign in and click Mark as Best Answer if my reply answers your question.
Message 6 of 9

I called their support and spoke to someone who was definitely not Advanced, but it was as far as I could get. She would put me on hold and talk to "engineers" herself. That went back and forth a couple times, like I was a customer in a used car dealership, but the end result is that she was told that they don't yet support delivering customer's emails in the correct way to avoid this problem but will take it as a feature request.


I don't believe it, but I did get a fantastic deal on the undercoating.

Message 7 of 9

Until Square support properly reviews and supports this will continue to fail and customers will NOT receive their Order confirmation emails.


We need the proper SPF entry to add for Square to authenticate sending email as our custom domain.


This is a SQUARE SUPPORT issue.

Message 8 of 9

Yes, and good to see some notice of this thread. It's mystifying how this apparently is still a thing, though I'm not excluding the possibility of some action on this somewhere in the last several months since I haven't been pursuing it in that time.

Message 9 of 9