Solved: Re: Square needs to support our many SPF / DKIM re... - Page 2

nsilvialafrance · ‎03-26-2024

I am going to create a thread as often as I can until someone at Square acknowledges the many threads asking for this information. Square needs to acknowledge that this is not "out of scope" for them to provide this information. There are thread after thread of people explaining the technical reasons why Square/Weebly are the ones that need to provide us the DNS records for SPF/DKIM to be able to deliver mail sent by them on behalf of our domain.

Another user in another thread phrased it best: "Square/Weebly is SENDING as YOUR domain from their SMTP servers, so yes without a doubt they need to provide a DKIM record for THEIR sending servers...this is common place for any sender acting as your domain via their servers now. I've been around this circle with them for months with nobody that understands it."

You are using weebly.com and sendgrid.com to send emails ON BEHALF of my domain. You are the ones that need to provide the records for us to add in our domains DNS. If I was sending the emails using my own server, which we do for marketing, I have the appropriate records set up for our vendor - Brevo. Sending us a generic link to a Cloudflare page on how DMARC and SPF and DKIM works is rather offensive. We understand how it works, that is why we keep begging for Square to provide what we need.

You need to provide us with this information or your emails you are sending on behalf of our domain will continue to not be verified and will likely land in customers Junk. We are trying very hard to do everything right here, but Square continues to prove that it is not knowledgeable about DMARC and DKIM and thus our customers are suffering because of it.

Do you see how many people disagree with your answer and Square's stance on this? When will someone at Square take ownership of this and realize that you are running away from the issue rather than actually addressing it? It's truly sad to spend so much money on Square services and processing but know that deep down they don't even want to help or understand how to help with anything technical.

As someone else already said: "Dear god this is ridiculous. Tell your CTO to call me I can explain it to them"

MayaP · ‎03-17-2025

Our team confirmed DKIM and DMARC records are managed by the email provider, not the website host. If you are using a professional email address (e.g., [email protected]), you would obtain these records from the email host and then add them to the domain host. For example, if you use Google Workspace for email, you would request the records from Google and enter them in your DNS settings. To clarify, you can absolutely use DKIM and DMARC records—we just don’t provide them since we are not the email provider. Outside of this, there no plans to implement this on our end, and would still be considered a feature request. Feel free to reach out on Ideate Board to share your thoughts.

@cbstl

MayaP
Square Community Moderator
Sign in and click Mark as Best Answer if my reply answers your question ✨

View Best Answer >

cbstl · ‎03-31-2025

Hi @MayaP. Can you let me know if you've seen my most recent replies above? I don't know who marked your answer as "Best Answer" but it didn't actually address the specific question, as I've tried to explain in detail here.

cbstl · ‎04-03-2025

@MayaP - I'm posting another request for you to acknowledge that you've seen my most recent replies on this issue. The "best answer" does not actually address the question, as my recent replies demonstrate in detail. Those details showing that Square Online (weebly.com) is a sending server for emails from an email address on our domain need to be run back up to your team. That makes it clear that Square Online is responsible for providing DKIM records for us to add in our domain's DNS settings, so that Square Online order confirmation emails will pass DMARC alignment.

cbstl · ‎04-08-2025

@MayaP - Since there's been no follow-up communication to my posts here, I created the following feature request with the same information as my recent posts:

https://community.squareup.com/t5/Square-Online/DKIM-authentication-needed-for-Square-Online-order-c...

However, the feature request has been marked as SPAM for some reason. I updated the post to remove the information reference links and have tried submitting two "abuse reports" to emphasize that it's an error for it to be marked as SPAM, but so far it still says it's marked as SPAM. Can you please help get the SPAM designation removed? As I've explained in detail in both this thread and the feature request, this issue really needs to be addressed by Square Online.

LAWCOFFEE

Incorrect.

cbstl

@nsilvialafrance @Lunadele1 @thewebtailors @flyingtigerfan @CColotti @kempict - If you can, please go to the feature request at the following link that I created and upvote it (click the thumbs up at the bottom of the feature request):
https://community.squareup.com/t5/Square-Online/DKIM-authentication-needed-for-Square-Online-order-c...

If there are enough upvotes, maybe @MayaP and Square will start to understand how they are badly missing the boat on Square Online failing to provide the necessary DKIM authentication entries for us to add to our DNS settings.

MayaP

Hey @cbstl — I really appreciate your tenacity in working to get this resolved.

I've marked the Best Answer above, as it reflects the only available solution at this time. I want other sellers who view this thread to have clarity on what’s currently possible.

I’ve also passed your feedback along to our team again, and they’ve confirmed that this isn’t something Square will support at the moment. I truly appreciate you taking the time to submit a feature request and share your thoughts—it makes a difference.

Just to be transparent, I don’t have the authority to prioritize or push feature requests myself—if I could, I absolutely would. I’m sorry this isn’t the answer you were hoping for.

If you have any other questions or need help with anything else, I’m here for you.

MayaP
Square Community Moderator
Sign in and click Mark as Best Answer if my reply answers your question ✨

cbstl

Hi @MayaP - Thanks for your response. When you passed the feedback along to your team this time, did you include all of the technical details that I provided which make it clear that their previous response fundamentally misunderstood the issue and make it 100% clear from the detailed sources that Square Online is responsible for providing us the DKIM entries to add to our DNS settings as long as Square Online insists on sending order confirmation emails FROM our domain address but MAILED-BY weebly.com? If the team refuses to support it due to resource constraints or some other reason, that's one thing, but it would be appropriate for them to at least acknowledged that on a technical level, they absolutely should support it or should stop sending the order confirmation emails from our domain email address.

MayaP

I’ve shared all the information you provided @cbstl, and the team also has access to this full thread for reference.

I understand this isn’t the resolution you were hoping for, and I’m sorry I don’t have additional insight to offer at this time. I encourage you to reach out directly to our Support Team at 855-700-6000, Monday to Friday, 6 AM – 6 PM PT, if you have more questions.

Thank you again for your patience.

MayaP
Square Community Moderator
Sign in and click Mark as Best Answer if my reply answers your question ✨

cbstl

@MayaP - Thank you. I did want to say that I know you're just the go-between and not the technical staff, so the frustration on this issue isn't directed at you. You've been instrumental in getting several other issues resolved and I'm extremely grateful for that, as is the rest of the community I'm sure.

The frustration on this is very much with the technical staff which either still doesn't understand this relatively straightforward DMARC issue or is willfully turning a blind eye to it. To put it in the terms used in the "best answer" received from your technical team, Square Online is not an email provider for our domain, but for DMARC purposes, Square Online (weebly.com) is just like an email provider because it is a sending server of emails from an email address on our domain. Square Online could resolve this in one of two ways:

You could provide us the DKIM records to add to our DNS settings so that order confirmation emails MAILED-BY the weebly.com servers will be DMARC-aligned for our domain.
You could stop sending order confirmation emails from an email address on our domain and instead send them from a generic weebly.com address (such as [email protected]) with our domain email address as the REPLY-TO address.

Square Online seems to be the only major ecommerce provider that doesn't understand this and it is baffling, especially when many of your Square Online customers understand it and have repeatedly raised the issue in this thread and others.

Lunadele1

Exactly! This needs to be done by Square/Weebly. Not only have we taken our valuable time to have to figure out what the issue was but our businesses have suffered in the meantime! The exact opposite of what a webiste is supposed to do. Now that we ALL know what the issue is, it is in your hands and SHOULD be fixed immedietly.

LAWCOFFEE

When is square going to address this issue?!? We need Sendgrid DKIM to authenticate our emails and not deliver to our customer's spam. It's absurd what we pay for this to be ignored. It's 2025 and you still don't know how this works? It's a fundamental principle for third-party email services (which you are whether you like it or not) to ensure deliverability and with. email services (like Gmail, yahoo etc.) tightening security, more and more are failing and landing in spam. It's only going to get worse. So Square/Weebly, fix it or you are about to lose a bunch of customers in the next year. I'm positive that is why Square Marketing decided to send from @squaremktg.com instead of giving us the option to send from our domain. It's lazy for the price and the brand reputation we should be able to keep, but it's better than emails going to our customer's spam. We'd be better off if Square changed the custom domain option show the emails as being send from @squareup.com. It's one or the other-- custom domain with DKIM provisions or no custom domains (lazy) but custom domains without DKIM is not sustainable—for us or you. If you don't change, you will lose. It's mind-blowing really. Anyone product team that even halfway understands this should be going, "oh $#!% -- this is a breakfix issue that needs to be addressed immediately." But instead non-answers and treating it like it's a feature request. Unreal.

https://mailchimp.com/developer/transactional/docs/authentication-delivery/

Square needs to support our many SPF / DKIM requests and own this issue