Gmailify Documentation

1. Introduction

Gmailify.com is an email service without storage. It exists to extend Google's Gmail email service with custom domains. A Gmail mailbox extended with Gmailify allows receiving, sending as well all other standard email operations, right from within Gmail. There is no need to ever leave Gmail for using your domain's mailboxes anymore. All Gmail features can now be seamlessly enjoyed for these too.

What makes Gmailify unique is that it is built ground-up for Gmail. Gmailify will integrate only with Gmail and permits access only via Gmail. This means better security and high reliability.

Gmailify builds around Gmail's inner-workings and features. With the dual delivery to Gmail, messages always reach Gmail on time and reliably.

1.1 Why Gmailify

Gmail is a loved email service by many users worldwide. It offers significant storage space and features at no cost. While Google previously used messages' content for advertising purposes, the practice has been discontinued.

With more than a billion of users, Gmail is one of the world's most important email providers. However, if users want to use an own email domain directly within Gmail, there is no other way than upgrading to Google's premium offering. Google Workspaces starts at $6 per user per month. That is a significant upgrade for what effectively is an address alias.

Many email and DNS providers offer forwarding nowadays, even for free. However, relying only on forwarding to get messages to Gmail can and will lose messages in transit. This is due to Gmail's spam filtering, which can at any point decide to reject forwarded messages. Such messages are then either bounced, dropped silently or must be checked via forwarder's service.

A professional, small business and just about anyone today cannot rely on such email delivery, where each message is a gamble.

At Gmailify, we have been running large email systems for the past decade. We have seen common desire to integrate with Gmail, the common issues and hacks around such setup. This has pushed us to make a dedicated system which will integrate reliably for a small yearly maintenance fee.

1.2 Target audience

Gmailify is loved by those who do not want to leave Gmail but need additional email addresses on their own domain. Without hopping mailboxes from Gmail to significantly inferior webmails, all those mailboxes get now seamlessly integrated. No more context switches, and only one inbox to follow.

Ease of use is only one, minor reason in our opinion. Having control of own email address and domain's address space is much more important. The @gmail.com address is Google's ownership. Should Google at any point decide to revoke our address, end or alter Gmail terms, we could lose all data and contact possibilities using that email address. Email addresses are the de-facto online identities nowadays used for accessing many services, and leaving it in the hands of third parties is more than just risky.

Controlling the domain allows portability of the email service. Should the domain owner not like Gmail's service in the future, switching away is only a matter of a few DNS changes without any service disruptions.

Freelancers and small companies can utilize Gmailify for a professional email based on Gmail. New Gmail accounts can be registered and connected with Gmailify.

- Families can bring all the members under a single domain, but still keep their personal accounts.

- Student associations can organize under a single domain at an insignificant yearly cost.

- Lower income countries' often find global email pricing unaffordable. This often marginalizes ventures in those countries. Gmailify allows a professional first impression for less than 2 cents a day.

1.3 The name »Gmailify«

We had no idea how to name this service. At one point we've seen other popular services with the -ify suffix and the idea was born. We have completely forgotten about the "Gmailify" offering of Gmail for other large providers like Outlook and Yahoo.

A quick check proved that the Gmailify term is not a registered trademark. The common domain names were not registered. Gmailify.com was born.

To avoid the confusion, we sometimes refer to our Gmailify as (Open)Gmailify. Gmail's Gmailify is not available to mailboxes outside select Google partners.

1.4 Compared to Gmail's Gmailify

While the name is confusingly the same, Gmail's Gmailify serves a whole different purpose. It pulls messages from Outlook, Yahoo and other select providers. More information here.

Gmail's Gmailify does not however allow you to connect your own domain with Gmail unless you have one configured with your Outlook or Yahoo mailboxes. That defeats the purpose, as at that point Gmail itself becomes excess.

Technically, Gmail's Gmailify uses IMAP for syncing, which is helpful if you have actively used external accounts with folders. Through Open/Gmailify, Gmail fetches messages via POP3. POP3 has no support for folders, and Gmail's POP3 fetching rate is only up to several times an hour.

If you configure an external mailbox to be used from within Gmail, it becomes clear that the external mailbox by itself is not be used directly. As a much more complicated protocol, IMAP syncing seems excessive. However, compared to POP3, Gmail syncs more often (or through triggers) with external accounts which may give appearance of semi-instant deliveries.

(Open)Gmailify compensates for this by forwarding messages too and not serving them only via POP3. Should the forwarded message not arrive due to Gmail's rejection of the message, next POP3 sync will pull in the message. The same can be requested on demand too via Gmail's settings > Accounts and Imports page.

There might be an internal difference in spam filtering between Gmail's Gmailify and POP3 fetching from (Open)Gmailify. However, such information is not disclosed by Google. (Open)Gmailify will forward to Gmail only messages that are not considered spam. The rest will be left for POP3 syncing for additional Gmail filtering.

1.5 Compared to Google Workspace

Google Workspaces is a bundle of services which among others includes Gmail for domains. The pricing starts at $6/user/month which becomes hefty if all one needs is email. Each additional address makes the service a lot more expensive.

On the upside, it is the most seamless way to link a domain to Gmail. If the cost difference is not a problem, and you do have use of the other Google Workspace features, this may be the best option.

1.6 Compared to other forwarders

Many services offer forwarding nowadays. However, forwarding alone is not enough for reliable Gmail delivery. Forwarded messages will often be rejected, and unless there is a fallback, messages would get lost.

On the other hand, delivering messages to Gmail is only one part of the setup. Forwarders rarely offer outgoing relays for sending message from within Gmail for your domain.

There is a hack where you can configure Gmail to use its own relays for sending messages. This requires adding an app password for Gmail in Google's Account Security and then using the same in Send mail as feature of Gmail, with the From address set to the one of your domain.

This may sound tempting, but if you care about your messages reaching the destination, it is better to avoid such hacks. Messages sent that way through Gmail will not carry a DKIM signature, which is however very important for instance for deliveries to other Gmail accounts.

2. Frequent Questions

We have collected the most common questions we were asked or thought we should have been. If you have others, feel free to write to us.

2.1 Is this for me?

Owning your own domain is very important nowadays, more than users realize. Email addresses are used for access to every online service. Having a full control over it is a must.

If for any reason, Gmail were to suspend your email address, you would lose access to other services. Though not a probable scenario for most users, in our past years as postmasters we have seen this happen. Gmail owns the @gmail.com address space and there is no contractual obligation from Google towards the users.

Using Gmail with an own domain brings the best of both worlds, and Gmailify helps you with this in a very cost-efficient way.

On the other hand, if you use your Gmail address for both private and business correspondence, then you absolutely should consider splitting those through Gmailify. Businesses often raise eyebrows when corresponding with a @gmail.com address, and there are good reasons behind it. A lot of spam, phishing, and fraudalent activities nowadays originate with Gmail. Receiving spam filters are reluctant to filter Gmail messages because of the size, which is readily abused.

2.2 Is Gmailify operated by Google?

Gmailify.com is a service operated by a Swiss company Mercata Sagl, based in Paradiso, canton Ticino. There is no relation to Google Inc.

Gmail does have a same-named "connector" feature called Gmailify, but it is not a commercial service nor does it serve the same purpose.

2.3 Why should I use Gmailify?

Gmailify was built for one single purpose, linking custom domain names to Gmail. We do not support other email services and integrate tightly with Gmail features. This makes Gmailify uniquely focused for high reliability.

Use Gmailify if you want to link reliably your custom email domain with Gmail addresses at a flat yearly price.

2.4 Is the price per address or per domain (account)?

We offer only one yearly price of $6.99, and it is for the whole domain. You can link to your domain as many @gmail.com addresses as you need, without any additional costs.

2.5 How can you offer Gmailify at such low price?

In a Gmailify setup, it is Gmail that does the heavy lifting, and we are aware of it. Gmail offers hosting, webmail, mobile apps, search etc. Gmailify only extends Gmail.

We have optimized the system for efficiency on every level. Not having to store and handle messages storage lowers operating costs significantly. This does not mean that Gmailify's costs are insignificant. In an email system there are many moving parts and unfortunately, end users do not see, appreciate or often understand the technology behind. We have put our experience running other large email system into Gmailify and have managed to bring down the costs to make the service sustainable.

Finally, we have set the price to the amount we would have paid ourselves for such a service.

2.6 Do you offer discounts?

Our yearly price is affordable for anyone globally. We have already lowered the price to the minimum possible and cannot offer further discounts.

2.7 Can I prepay multiple years?

Of course. In Gmailify's billing section, you can add extra years of service at any time.

2.8 What payment methods do you accept?

We accept all major credit cards via Stripe payment system as well majority of popular local payment methods as offered by Stripe. We do not accept cryptocurrencies though.

2.9 Do you offer support?

We hope you will not need our support, but in case you do, we are available via email. Without guarantees on response times, our team will try and assist when possible on best effort basis.

2.10 Is this a hack and is it Gmail approved?

Gmailify does not involve any "shortcuts" or hacks and is based on mature, well documented Gmail features. These have been available for years and are used by millions of users worldwide. While they are generalized, Gmailify brings them together at a focused goal of extending Gmail itself.

Gmailify does not circumvent any Gmail restrictions, nor does it need specific approvals to operate. From Gmail's side, Gmailify is just an external email service.

2.11 Is Gmailify reliable?

Yes. We have built redundancies everywhere to ensure your incoming messages reach Gmail, as well your outgoing messages the intended recipients.

We might be paranoid, but we have built Gmailify so it can survive multiple datacenters burning down simultaneously, even across continents.

2.12 Where are your datacenters?

We utilize multiple OVH datacenters in Canada and France.

2.13 What energy sources are you using?

The datacenters we employ use only renewable energy sources.

2.14 Who is behind Gmailify?

         Responsible: Mr. Dejan Štrbac

         Mercata Sagl
         via Ernesto Bosia 5c
         6900 Paradiso (TI)
         Switzerland

         Registered under CHE-318.329.292 in the Commercial Registry of canton Ticino, Switzerland
      

We are independent postmasters, having long experience running other large global email services. We have previously noticed a common request of integrating with Gmail and decided to make a dedicated service.

2.15 Are my messages safe and private?

The safety and privacy of your messages is bound to the same of your Gmail account.

Messages for your domain are immediately relayed further. Another copy is left on our POP server for Gmail fetching. If Gmail is configured correctly to fetch messages from Gmailify without leaving a copy, no trace will be left of the message in Gmailify.

2.16 How is your deliverability?

Deliverability to Gmail is ensured through dual-delivery setup. Before forwarding messages, we ARC sign them with your domain's key. This signature tells Gmail that the message does not originate from your domain but is only being relayed. As such, if any spam message gets forwarded, it is not your domain being penalized. If for any reason, Gmail refuses the message, the POP3 pickup will deliver the message into your Gmail.

When it comes to outgoing messages, things are a bit more involved. Deliverability bases itself on message content, domain reputation, DNS setup, provider IP space reputation and a bit of magic.

We will assume here that your message is not spammy, meaning it does not use any trigger words such as Viagra, inheritances and Nigerian princes. We will also assume that your domain has no history of sending such messages, whether intentionally or unintentionally.

Correct DNS setup is required to activate and start using Gmailify on your domain. After the initial setup, Gmailify continuously monitors DNS health of domains and sends a warning to domain administrators if issues are detected.

With a correct DNS configuration, all outgoing messages are DKIM signed. This signature guarantees authenticity. DKIM is one of the most important indicators for recipients, so having one is crucial. One could say Gmail itself requires valid DKIM signature for reaching the inbox.

Mercata SagL, the company behind Gmailify, is an active RIPE LIR member and operates own isolated address spaces for outgoing messages. Our IP ranges are continuously monitored on hundreds of public blacklists. For abuse prevention reasons, we do not publicize the blacklist status page.

If your message gets rejected, you can always let us know about it. We will inspect the rejection, and if possible, assist by reaching out to the responsible postmasters.

2.17 Will you be here in a year?

Yes. Gmailify is a self-sustaining business and we enjoy running it.

2.18 Can I use Gmailify on the Gmail apps?

Yes. Gmail also makes integrated accounts available on their apps.

2.19 Can I migrate old messages?

Where to? Gmail is your storage provider. If you want to bring your old domain messages into Gmail, you should probably first setup POP3 fetch from it via Gmail settings. Only once you pull all messages, integrate with Gmailify.

Gmailify itself offers no messages' storage.

2.20 Can I configure multiple POP3 fetches from Gmailify?

You don't have to! Make a separate mailbox in Gmailify and either create an alias or delegate messages from the other Gmailify mailbox via Gmailify routing.

Nevertheless, if you just want to fetch from Gmailify from multiple Gmail accounts, make sure to leave a copy on the server in Gmail's POP3 fetching settings for the Gmailify mailbox. Otherwise, only one of your Gmail accounts will fetch the message.

3. Common Problems

3.1 How to add a new address?

To add new addresses, you have to have administrator rights in Gmailify. In the routing section of your Gmailify account, you can find the Add Mailbox section.

This will invite the configured Gmail address to set up a mailbox. Only once the Gmail address accepts the invitation and configures POP3 fetching from Gmailify does the new mailbox become active.

3.2 Messages are mixed with other messages

Gmailify delivers messages to Gmail, which will by default place them in Inbox. However, it may be desirable to isolate the messages delivered over Gmailify. This is what Gmail filters and labels can be used for. Please refer to the Gmail configuration section below.

3.3 I cannot get past DNS setup

To set up email on your domain, you must have access to the domain's DNS. This is usually available at the domain registry where you have registered the domain.

If you are unable to change DNS records for your domain, you will be unable to proceed.

3.4 Messages are not arriving or are delayed

There could be multiple reasons for this. It is important to follow the email flow, checking from Gmail and going back to DNS.

3.4.1 Is Gmail's POP3 fetching configured?

Visit Gmail's Settings > Accounts and Imports, section Check mail from other accounts. Your Gmailify account should be listed, and last fetch should have been made latest an hour ago. If there was a problem fetching, there should be a clear warning.

If fetching is failing with clear Authentication failed error message, your Gmailify mailbox password may have been changed. You will have to generate a new password in the Gmailify admin and set it in Gmail.

3.4.2 Check MX records

When messages are not arriving, the first thing to come to mind is the MX record of your domain. If it is not present, messages will bounce back. If it is pointed elsewhere, messages for your domain will be routed there.

A common mistake is to add another MX record of another service, expecting a copy. That is however, not how MX records work. The lowest priority MX records are attempted first, and higher priority is attempted only if delivery is impossible. Same priority records are randomly picked for a delivery attempt, and others tried only after delivery failure. An explicit rejection does not count as failure and will stop further attempts.

To check your domain's DNS records, you can use our diagnostics tool from the administration panel. It checks all email records and gives suggestions on changes.

3.4.3 Check domain expiration

Domain renewals are often overlooked. Please check if your domain has expired at your domain registry.

3.4.4 Have you enabled DNSSEC recently?

We regularly see DNSSEC enabled for the domain, but the setup left incomplete. If DNSSEC is not configured properly, the DNS records will be considered bogus, which is the same as if they were not present. That goes for the MX record too.

If in doubt, or have recently enabled DNSSEC, please visit Verisign's DNSSEC debugger

3.4.5 Has your Gmailify subscription ended?

We send early reminders for subscription renewal, starting from three weeks before the expiry. If you have failed to renew, the domain will stop functioning through Gmailify.

Please sign in to your Gmailify account and check your subscription. If expired, as soon as you extend it, the email traffic will start working again. Message deliveries that may have been attempted between subscription expiry and now would have bounced back unfortunately.

To avoid disruptions, add a few years of subscription to your account in advance.

3.4.6 Are messages reaching Gmailify?

Please sign in to your Gmailify account and check the domain traffic logs. If your messages do not appear in the list, they are not reaching Gmailify servers.

When triaging delivery to your Gmailify mailbox, try several email services. It is often the case that the sending service was previously used for the domain you are triaging, and still is configured to be responsible for that domain's email traffic. If that is the case, outgoing messages in such systems are routed internally and will not reach Gmailify.

For example, if you have used your domain with Outlook 365 but have now configured to use Gmailify+Gmail without deactivating the domain in Outlook 365, an email sent from another Outlook user will be routed internally to your Outlook mailbox. If the Outlook mailbox does not exist for your domain, the message will bounce. When moving domains, it is important to remove them from previous systems.

3.5 Messages for my domain are bouncing

Either your DNS setup is wrong or your Gmailify subscription has expired. Please see the section above.

3.6 I would like to use multiple domains

With Gmailify you can set up multiple domain aliases on top of your primary domain. That means the address space of your primary domain becomes available across all domain aliases.

It is not possible to configure separate mailboxes for the domain aliases only. For such use cases, another account with the desired domain is required.

3.7 Received messages go to Gmail's Junk

How Gmail classifies your messages is largely outside our control. You can either try training Gmail by flagging messages as not junk or create a Gmail filter for your Gmailify messages to never mark them as spam.

3.8 Spam is coming through

As above, we have no control over Gmail's spam filter. You can help Gmail by flagging messages as junk.

3.9 Sent messages are going to recipients' spam

The definition of spam is in the eyes of the recipient or practically in the recipient's service. While it does seam it would be something controlled by the sender, it is not. Some things to check:

Sorting the message as junk is sometimes a default action. Outlook will junk domains it has no history of. Marking the message as not junk is what teaches outlook's spam filter. If possible, kindly ask the recipient to do so.

3.10 Sending fails

If your domain suddenly has no MX records, we will refuse sending from it as no reply can be received. Please check your MX records.

Another reason why we would refuse sending is for hitting rate limits. If you have been sending too fast or to too many recipients, we will refuse further deliveries.

4. Gmailify Overview

There is a lot to Gmailify. We try to keep this section actual with relevant information on our systems.

4.1 Networks

4.1.1 Datacenters location

We utilize datacenters in Canada and France. The sending relays utilizing our IP space are in France, while the rest of the infrastructure is in Canada.

4.1.2 Carbon footprint

While that is an odd question to ask while using Gmail, we are carbon negative. The energy our servers use comes from 100% renewable sources, and we regularly plant trees through company team activities.

4.1.3 IPv6+IPv4

We support both IPv4 and IPv6 (dual stack), with priority on IPv6. Deliveries to Gmail are always made over IPv6, while outbound delivery attempts are always made first via IPv6 with IPv4 as a fallback.

4.1.4 IP Networks

We utilize own IPv4 space for outbound deliveries from ranges 45.153.89.0/24 and 159.255.151.0/24. Wherever possible, deliveries are made over IPv6 with a fallback to IPv4.

4.2 Security

We have built Gmailify with great focus on security and privacy.

4.2.1 Access restrictions

Gmailify SMTP and POP are accessible only from Gmail. Gmailify mailboxes follow Gmail's security model and are as secure as the linked Gmail mailbox. There is one less password to remember.

4.2.2 Transfer encryption

Once accepted, messages passing through internal Gmailify systems always travel through TLSv1.3 encrypted channels.

4.2.3 DNSSEC

Gmailify has DNSSEC enabled by default. To benefit from this protection, your domain's DNS should also have it enabled.

4.2.4 DANE

Gmailify has DANE enabled, which essentially pins a hash of our private cryptographical TLS key in the DNS. This makes sense only with DNSSEC and proves authenticity to connecting clients.

4.2.5 MTA-STS

Gmailify by itself does not deploy an MTA-STS policy and see no need for it as it is redundant (and inferior) to DANE-SMTP which we already deploy. If you wish, you can define an MTA-STS policy for your domain.

MTA-STS is only used by a handful of providers and its support is generally scarce. Almost no sending relays validate it.

4.3 Privacy

Since we handle third party messages, we put strong emphasis on privacy. You can rest assured your messages are for your eyes only.

4.3.1 Storing messages

Messages entering Gmailify are only temporarily stored until the Gmail POP3 pickup. Should the POP3 fetching become defunct (of which you will be informed), stored messages are removed after 7 days. This is typically safe, as those messages should have reached your Gmail through forwarding.

4.3.2 Logging

We keep mail traffic logs for 7 days only. Previous logs are permanently deleted.

4.3.3 Backups

As Gmailify is not a permanent storage of messages, we do not store backups. Your mails are stored and backed up in Gmail.

4.3.4 Cookies

We use cookies only for their function, to maintain session once signed in to the administration panel. There is no other use of cookies by Gmailify.

4.4.5 Analytics

We do not run any kind of analytics on our web pages or within email systems.

4.4.6 Gmail access

To use Gmailify, we do not require programmatic access to Gmail accounts. Your Gmail account is safe and isolated from Gmailify.

4.4 Limitations

For sane usage of Gmailify, it is helpful to understand the limitations.

4.4.1 Traffic rate limits

Gmailify imposes fair-usage traffic limits. If a mailbox is receiving too fast, it will be rate limited and forced to slow down. The same goes for sending. Should you reach the sending or receiving rate limit, an alert will be raised to both of us.

If you must send a message to a larger group repeatedly (>50 recipients), please wait some 15-20 minutes before sending that next message. Rate limit will kick in already with bursts of 200 recipients.

IMPORTANT: Gmailify actively fights spam and broadcasts. If you must do those, please do not use Gmailify as it may result in a permanent ban of your account & domain. The same goes for usage of our relays through mail merges in Gmail.

4.4.2 Attachments

The maximum size of an outgoing message is 25 Megabytes. The size limit refers to the message, including all attachments and its content - encoded. Encoding increases the file size a bit.

Should the limit be reached, files would be uploaded to your Google Drive and linked to from the message by Gmail automatically. This works the same way for Gmail as it does for Gmailify addresses within Gmail.

4.4.3 Recipients

A maximum of 100 recipients are accepted per outgoing message. This matches the Gmail limit when used via SMTP. We however do not recommend sending messages to as many recipients at once. Such behavior may be considered spamming and may hurt your domain's reputation.

4.4.4 POP3 Storage

The POP3 storage is only temporal. It keeps the messages until Gmail picks them up. The storage is limited to 7 days of messages and 512 Megabytes and maximum 1000 messages. This limit should in practice never be reached due to automatic emptying by Gmail upon pickup.

Should you use Gmail POP3 option to leave a copy on the server, Gmailify will automatically do cleanups. We do not recommend this to avoid confusing Gmail's POP3 client.

4.5 Spam Filtering

Spam filtering is essential to email. In Gmailify, messages are filtered upon reception. Those that we consider spam, we mark by altering the subject and keep on POP3, while the rest is forwarded to Gmail.

We will be wrong occasionally with false positives and false negatives. However, this is where Gmail adds extra input and makes the final decision.

4.5.1 Graylisting

Sometimes a message may seem very delayed. A common reason for this is graylisting. Greylisting will defer messages that cannot be classified as spam nor ham, with an in-between spam score. Most spammers only blast messages in order to send as much as possible and do not retry deferred messages. This has the effect of dropping a lot of spam at the gates. SMTP standards (RFC) require systems to retry, which valid senders will do. No valid message gets lost through graylisting.

4.5.2 Blocking senders

If you are particularly annoyed by some sender, or domain or TLD, you can add a block to such sender directly in Gmailify so no message gets accepted and forwarded to Gmail. Just add an entry to the Denylist.

The denylist supports both sender and recipient blocking. Recipient blocking is useful if you have an address or alias you have used in the past, but now want to forbid. Plus addressing can also be used.

4.5.3 Gmail spam filtering

While Gmailify makes the first spam filtering, Gmail does the final decision before the message reaches your Gmail inbox.

Gmailify does not change the message sender, and it ARC-signs all received messages before passing them to Gmail. This helps Gmail interpret the messages as forwarded and not originating from Gmailify's relays. This protects your domain's reputation as well Gmailify's IP addresses. Gmail may nevertheless misinterpret some messages as spam. For best practices handling these, please see Gmail's recommendations.

4.6 Routing

Gmailify gives full control over the address space on your domain through the routing section, which is organized top-down in a manner that follows Gmailify address lookups.

Since a Gmailify account is tied to a single domain, we assume the domain name in addresses. Instead of asking for the full address in Gmailify routing, giving the so-called local part is sufficient (and recommended). The domain name may be added, but it will be silently removed. Providing a domain name different from your domain will result in a validation error to avoid misunderstandings.

IMPORTANT: Newly activated mailboxes are instantly available, while aliases have a typical deployment delay measured in seconds.

4.6.1 Mailboxes

Gmailify mailboxes are primary addresses on the domain. They are tied to Gmail addresses and serve both as forwarders as well temporary storage for Gmail POP3 fetches. While mailboxes do have a password, the same is not intended to be remembered but only used for integrating with Gmail. A custom password cannot be set on Gmailify mailboxes.

4.6.2 Aliases

Address aliases are versatile mappings of one address towards others. They can be used for creating temporary routes, distribution groups or even corrections of e.g., common misspellings.

For example, given an »info@« address alias configured with destination »john.doe, alice«, both john.doe@ and alice@ will receive a copy of the message sent to info@. This is the simplest use case of address aliases.

Aliases however support a much more powerful feature, the wildcards. A wildcard, identified by an asterisk (*), stands for exactly one or more characters in the address. Up to 9 wildcards may be used in an alias. The destination address may reference matched characters by the wildcard, which makes aliases very powerful for rewriting addresses. For example, given a wildcard alias »client-*@« and destination »sales.$1«, a message sent to client-acme@ would get rewritten into sales.acme@.

IMPORTANT: Aliases pointed to non-deliverable local addresses will result in a bounce address sent back to the sender. This will be confusing for the sender, as the bounce will indicate an address different than the one to which the message was originally sent. Make sure your aliases point to valid address(es).

4.6.3 Catchalls

Sometimes senders misspell addresses, so messages bounce back. Such messages can be caught by defining a catchall address, which effectively delivers any message addressed to a non-existing mailbox or alias. While catchalls may seem useful, we discourage them. Notifying the sender of wrong address is a rather desirable behavior. Without it, senders will keep using the wrong address.

IMPORTANT: Catchalls are »spam magnets«. A large share of spam is directed to non-existing addresses. Accepting these messages effectively confirms to spammers existence of the addresses and fills their address databases. As a result, more spam will be sent towards your domain.

4.6.4 Domain aliases

Several domains are often aliased to one primary, which is actually used for traffic. These could be different TLDs, e.g., domain.com, domain.org, domain.net or regional domain names. Whatever the need is, domain aliases through Gmailify are supported. The setup is the same as for the primary domain, and it involves setting up DNS records.

While address aliases rewrite the »local part« of the address, the domain aliases rewrite the domain name to the primary domain name. Each address on the primary name becomes available on the domain aliases.

IMPORTANT: Domain aliases are just that, aliases. They cannot be used for authentication in Gmail's POP3 fetching or SMTP sending. If sending from a domain aliased address is needed, it is necessary to use authentication details of the mailbox on the primary domain.

4.6.5 Plus addressing

Gmail itself has popularized plus addressing. Adding a plus sign (+) and any word before the @ sign in the address will still target the same, unchanged address on Gmail.

The same behavior is built-in to Gmailify. As an added benefit, the part after the plus sign gets rewritten into the Gmail address so Gmail filters, if any, can be applied. For example, given a Gmailify address »john.doe@domain.tld« linked to a Gmail address »john.doe@gmail.com«, plus addressing »john.doe+sales@domain.tld« will forward to »john.doe+sales@gmail.com«.

4.6.6 Subdomain addressing

Owning your domain address space comes with many benefits. Each active mailbox on Gmailify defines also a subdomain alias, even across domain aliases. Given a Gmailify mailbox »john.doe@domain.tld«, Gmailify will also accept messages for »(anything)@john.doe.domain.tld«. The subdomain addresses get further converted to plus addressing as »john.doe+(anything)@domain.tld« before further processing.

These addresses can only be used for receiving messages.

To use subdomain addressing, Gmailify MX record should be added as a wildcard for the subdomains (*.domain.tld). Wildcard records require advanced DNS understanding, and we therefore do not expose this future prominently.

IMPORTANT: To use subdomain addressing, the subdomain should obviously not exist as a primary Gmailify domain. If it does, it will take precedence. Conflicting subdomains and addresses may result in unexpected delivery behavior. Use with caution.

5. Gmailify Setup

For a correct and reliable usage of your Gmailify address, it is necessary to keep a correct configuration in the DNS and in Gmail. Fortunately, this is much easier than it sounds.

5.1 DNS Setup

Email relies on the DNS system. Without it, we would have used numbers for email addresses akin to phone numbers. To set up email for your domain, it is necessary to have control of the domain's DNS and be able to modify DNS records.

5.1.1 Quick overview of email delivery

When someone tries to send a message for your domain, the delivery process is usually handled by the sender's email service and not directly by the message author. This was not always so, but due to the amount of spam traveling Internet pipes, messages are rarely accepted from end users and their residential IP addresses nowadays.

Once the sender's email service accepts the message for delivery, it will try to determine where the message should be sent to. This is where the DNS records of the destination domain get consulted. Typically, the MX (Mail Exchanger) records are the ones that indicate hosts for messages delivery. MX record must point to a fully qualified domain name. No IP can be given as an MX host, nor can a delegation be made using CNAMEs. If no MX records are available, the domain's A record gets attempted for delivery.

Domains often define multiple MX records as failovers. The MX records have a priority attribute which indicates the order in which the delivery should be attempted. The lowest priority MX records get attempted before the higher priorities. Should a delivery fail to a select MX host (but not rejected), the other MX records of the same priority are attempted, before continuing to the higher priority ones. Should an MX record point to a hostname which resolves to multiple IP addresses (multihomed hosts), at least several of the IP addresses are to be tried before declaring the MX host as dead. There is a lot going on even before the delivery is started!

Gmailify defines a single MX record, mx.gmailify.com which is multihomed.

A common mistake with MX records is assuming that multiple MX records multiply messages by delivering a copy to each of the hosts. This is not the case. Should the MX records be of the same priority, they are taken randomly. Unless both of the records point to the same system, the message flow gets randomly split.

To lookup DNS MX records manually, command line tool »dig« can be used:

$ dig ycombinator.com mx +short
20 alt2.aspmx.l.google.com.
10 aspmx.l.google.com.
20 alt1.aspmx.l.google.com.
30 aspmx4.googlemail.com.

In the example above, we query domain ycombinator.com for MX records, and we see they are pointed to Google Workspaces. The priority of each record is followed by the target hostname. The host with the lowest priority is contacted first, in this example case - aspmx.l.google.com., with priority 10. By running dig again for this host, we can see the MX record is not multihomed as it points to a single IP:

$ dig aspmx.l.google.com +short
173.194.79.27

If we check Gmailify's own MX record, we'll see that Gmailify uses own service for own domain with a single multihomed MX record:

$ dig gmailify.com mx +short
10 mx.gmailify.com.
$ dig mx.gmailify.com +short
144.217.75.199
158.69.53.48

Back to the delivery attempt, assuming the target MX host is now identified, the sender's email service can proceed to deliver the message. A connection is made to the target MX host on port 25 over an insecure connection. This is identical to connecting to the host via the »telnet« command line tool.

$ telnet aspmx.l.google.com 25
Trying 142.251.31.27...
Connected to aspmx.l.google.com.
Escape character is '^]'.
220 mx.google.com ESMTP k8-20020a170906a38800b008ce03a3825csi4411296ejz.258 - gsmtp

Above, the SMTP dialog is initiated with the MX host of Gmail. While the connection starts insecure, Gmail will offer a protocol upgrade via opportunistic TLS (STARTTLS) after the SMTP introduction phase using the Enhanced SMTP EHLO command:

...
220 mx.google.com ESMTP k8-20020a170906a38800b008ce03a3825csi4411296ejz.258 - gsmtp
EHLO johndoe
250-mx.google.com at your service, [157.143.36.137]
250-SIZE 157286400
250-8BITMIME
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-CHUNKING
250 SMTPUTF8
STARTTLS
...

At this stage, the sending side should upgrade the connection by negotiating TLS with the receiving SMTP server. Once the connection is secure, the message can be delivered:

MAIL FROM:<sender@domain.tld>
250 2.1.0 OK p26-20020a05640210da00b004acc68db144si4224401edu.295 - gsmtp
RCPT TO:<idontexist@gmail.com>
250 2.1.5 OK p26-20020a05640210da00b004acc68db144si4224401edu.295 - gsmtp
DATA
354  Go ahead p26-20020a05640210da00b004acc68db144si4224401edu.295 - gsmtp
...
250 2.0.0 OK  1678520887 p26-20020a05640210da00b004acc68db144si4224401edu.295 - gsmtp
QUIT

During the delivery, receiving side's spam filter checks will run which will also evaluate sending domain's policies. The final 250 SMTP response code tells the sender that the message was accepted for delivery by the receiving side. Other common codes are 550 (rejected - do not try again) or 450 (deferred - try again later).

The delivery is complete now. As you can see above, there is a lot going on in SMTP. The Simple Mail Transfer Protocol is not so simple after all, with all the enhancements made over the years.

5.1.2 TXT Verification record

To set up a domain in Gmailify, we require a TXT record with a unique code tied to the domain. This code is not necessary for email functioning, but it serves us to uniquely identify and verify a domain in Gmailify. We require its presence in the DNS at all times. Without it, service can become suspended.

5.1.3 MX Relays

To accept messages through Gmailify, we require an MX record with value mx.gmailify.com. The priority number should be lowest among MX records on the domain if multiple present. The priority must also not be shared with other MX records. If only the Gmailify MX record is present, the actual priority number is irrelevant.

5.1.4 SPF Policy

The SMTP protocol by itself does not have a built-in authorization methods. This has the side effect of being able to identify the sender as just about anyone. This is very problematic as the sender identity cannot be trusted and can easily be spoofed.

SPF is one of the enhancements to email to prevent spoofing. It informs recipients of the authorized IP addresses that can send on behalf of the given domain. These IP addresses are listed in a DNS TXT record on the sending domain. Gmailify's default SPF record is:

v=spf1 include:spf.gmailify.com -all

This means gmailify.com SPF should include the SPF from the domain spf.gmailify.com. We can lookup now this SPF record using the »dig« command:

$ dig spf.gmailify.com txt +short
"v=spf1 ip4:144.217.75.199 ip6:2607:5300:60:9e13::/64 -all"

In the above SPF (not the actual Gmailify SPF), listed IPv4 and IPv6 addresses/subnets are authorized to send on behalf of the domain. The rather important part is the final keyword (mechanism in SPF terminology) - "all", which refers to everyone else. The character in front of all is a qualifier, and it tells the receiving side how to handle messages which are sent over IP addresses not found among the SPF permitted ones. In the case above, the minus (-) stands for Fail authentication. The receiving side may decide alone how to handle such messages.

IMPORTANT: There can be only one SPF record on the domain, and it must begin with v=spf1 in order to be considered a valid SPF. While Gmail uses an SPF value irrelevant to Gmailify, its documentation is a valuable resource for understanding it.

5.1.5 DKIM Public Keys

While SPF prevents spoofing, it does not protect the content of the message. If a malicious side were to sniff the message during transfer and modify it (man-in-the-middle attack), the receiving side would not know about it.

DKIM is an authentication method that ensures the message was not modified since it was accepted for delivery, as well that it was authorized by the owner of the domain. It does so by adding a digital signature to the message for both the metadata (headers) as well the content. The digital signature is based on public cryptography which works with a pair of keys, public and private. The private key is kept secret by the domain owner or the email service such as Gmailify, while the public key is exposed in the DNS publicly as a TXT record. Once the receiving side receives the message, the public DKIM key is looked up and used for verifying the digital signature.

The importance of DKIM is also described in Gmail's own documentation. Messages with invalid or no DKIM signatures carry a significant penalty when received by Gmail.

DKIM keys should be rotated periodically to reduce risk of the keys being compromised. In Gmailify, this is automatically done every 30 days. To facilitate the DKIM rotation without DKIM failures upon rotation, Gmailify defines two DKIM keys which should always be configured on the domains, but only one is used at a time. Domains using Gmailify should delegate the DKIM keys on selectors gm0 and gm1 via CNAME DNS records to the same selectors on gmailify.com domain, which then serves them as TXT records.

For example, given Gmailify domain acme.com, the DKIM records would be defined as (=> describing the CNAME target):

gm0._domainkey.acme.com. => gm0._domainkey.gmailify.com.

gm1._domainkey.acme.com. => gm1._domainkey.gmailify.com.

To inspect the actual DKIM keys at the Gmailify CNAME target, the »dig« command line tool can be used again:

$ dig gm0._domainkey.gmailify.com txt +short
"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CgNduTy1U2KlKNVANIRW8..."

$ dig gm1._domainkey.gmailify.com txt +short
"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/op5NuPaiGAfBh5UJ5Gqt..."

These records represent the public keys which can be used to verify DKIM signatures in messages by receiving parties.

The DKIM keys in Gmailify are important for more than just sending. The same keys are used for adding ARC signatures to messages before forwarding to Gmail. The signature tells Gmail that the message was processes through Gmailify as intermediary relay and did not originate with Gmailify.

IMPORTANT: All Gmailify domains use only two Gmailify keys. This is by design. Gmailify DKIM/ARC keys are short-lived and kept secure at all times. Sharing them among the domains ensures the transfer of messages is authenticated at the time of transmission, without going into non-repudiation, something DKIM was not made for.

5.1.6 DMARC Policy

DMARC extends SPF and DKIM, and adds additional restriction, domain alignment based on the From: address present in the message headers. Under DMARC, a message can fail authentication even if it passes SPF or DKIM, but fails alignment.

DMARC policy should be published as a TXT DNS record under the _dmarc subdomain of the email domain. Gmailify does not require a DMARC policy on domains, but strongly recommends it as an effectively spoofing prevention. The recommended policy for Gmailify domains is "v=DMARC1; p=quarantine;", which is also used by Gmailify itself.

The DMARC policy can be inspected using the command line tool »dig«:

$ dig _dmarc.gmailify.com txt +short
"v=DMARC1; p=quarantine;"

With such quarantine policy, messages that fail DMARC alignment (or SPF and DKIM altogether), should be sent to Junk on receiving. A stricter, p=reject policy can be set if such messages should be outright rejected. It is important to understand that the policy action defined in the domain's DMARC record is a recommendation, not a requirement: recipient systems may decide to override the domain's policy.

Gmail provides additional documentation on how they use DMARC to prevent spoofing and spam.

5.2 Gmail Configuration

For a correct integration, Gmail has to be configured to fetch messages from Gmailify's POP3 as well relay outgoing messages for Gmailify addresses via the Gmailify's SMTP relay.

5.2.1 POP3 fetching

Gmailify will forward messages to Gmail upon arrival. However, messages identifies as spam will not be forwarded. Additionally, some messages may be rejected by Gmail. This is expected and hence it is very important to continuously fetch not forwarded messages via POP3. POP3 is an old but very efficient protocol which serves for picking up messages from remote servers.

To set up POP3 fetching, please visit Gmail settings, tab »Accounts and Import«, section »Check mail from other accounts«, and click on link »Add a mail account«.

Add your Gmailify address in the popup form that shows up and on next page select »Import emails from my other account (POP3)«, clicking next.

IMPORTANT: Gmail's option Link accounts with Gmailify refers to the same-named feature of Gmail, which does not allow custom email domains and is available only for select providers (Outlook & Yahoo). It will not be available for your account. More information on this naming conflict here.

The essential details to know for completing the linking form in Gmail are your address (which should be known to you), server settings and password.

The POP3 server for Gmailify is pop.gmailify.com, available only on port 995, and always using a secure connection (SSL) when retrieving mails. We recommend applying a label to incoming messages with the address of the Gmailify mailbox, just as suggested by Gmail in the mail settings form. Using a label can help a lot for separating the Gmailify mailbox from the rest of Gmail messages.

The password for your Gmailify mailbox is given upon creation and cannot be customized. The reason for this is simple: Gmailify passwords are not meant to be memorized. They serve only for authenticating Gmail access. Should you need to reconfigure a Gmailify mailbox in your Gmail account, you should generate a new password from your Gmailify account and update your Gmail settings accordingly. If you are setting up sending, or domain alias sending, keep the Gmailify mailbox password page open after generating a password. We do not save plaintext passwords, so we cannot show it again without re-generating it.

Gmail's mail settings form for fetching messages offers additional options. Leaving a copy of retrieved messages on the server is not recommended. If left, messages will be removed after 7 days. Archiving incoming messages (Skip the Inbox) is also not recommended, as the messages will never be noticed.

Once POP fetching is configured, messages will reach Gmail via the periodical POP3 fetching, but sending from the Gmailify address will be not possible. At the end of POP fetching setup, Gmail will offer ask to continue setup configuring send from the address too. The details are in the next section.

5.2.2 Send mail as

Gmail by itself cannot send messages for other domains. While there are hacks around this, none of them will result in a reliable delivery.

The »Send mail as« setup adds a capability to Gmail to send authenticated messages via external relays. If not continuing the setup from the POP configuration, the »Send mail as« wizard can be initiated from Gmail's settings, tab »Accounts and Import«, section »Send mail as «, and link »Add another email address«. The important details to know for completing the Gmail's »Send mail as« form are your address (which should be known to you), server settings and password.

The address you are adding should be treated as an alias, so please leave the option checked. The alias setting is required in order to automatically reply from Gmailify address. More information on the alias feature is available in Gmail's documentation.

The SMTP server for Gmailify is smtp.gmailify.com, available only on port 465, and using a secured connection using SSL (recommended).

Just as for the POP3 setup, the Gmailify mailbox password is needed in order to set up SMTP server authentication. If you do not have access to the mailbox password, you will have to generate a new one. Changing the password will require updating also POP3 fetching password you should have previously configured.

Once Gmail verifies the server authentication, it will require confirmation that it should be allowed to send as the desired address. A verification number and link will be sent to your Gmailify address, which on the other hand should automatically be forwarded back to your Gmail inbox. Either copy and paste the number in the message or click the link once it arrives. This will complete the »Send mail as« setup.

IMPORTANT: Once the setup is complete, please reload (refresh) Gmail's web page. Gmail does not automatically load the settings into Gmail and your compose window may still not show the new From address until reloaded.

5.2.3 Labels

Gmail labels are akin to tags. They do not contain messages by themselves, but only scope messages containing the label. The labels are very useful with Gmailify, to show an isolated view of messages for the Gmailify address only, without the rest of Gmail messages. More information on Gmail labels is available in Gmail's documentation.

The POP3 setup you should have previously configured should automatically label incoming messages with a label named by the Gmailify address.

5.2.4 Filters

If you've followed our recommendation on POP3 fetching configuration, fetched messages should automatically be labeled with a label named with your Gmailify address. The forwarded messages however are not labeled and that represents the majority of messages reaching your Gmail inbox via Gmailify. These messages can be automatically labeled by creating a Gmail filter.

To create a new Gmail filter, click the options button inside the search field of Gmail. In left to right languages, this button should appear in the far right side of the search input field. This should bring the advanced search form. At the bottom of the form, next to the Search button, there is an option to Create filter, disabled by default.

In the »To:« field, and enter your Gmailify mailbox address and click on Create filter. Now enable the actions for the filter:

You can save the filter now. To manage this filter in the future, visit Gmail's settings, tab »Filters and Blocked Addresses«. More information on Gmail filters is available in Gmail's documentation.

IMPORTANT: Note the filter action »Never send it to Spam«. If the messages coming from Gmailify are going to your Gmail's Junk, you can use this action to prevent it. Do not add it to the filter above, but rather make a new filter to make use of Gmailify's pre-filtering. Enter your Gmailify mailbox address again in the »To:« field, and for the field »Doesn't have«, enter value "[SPAM]". This prefix is added to subjects of spammy messages by Gmailify. Pick action »Never send it to Spam« and apply also to matching conversions.

5.2.5 Reply from address

Once a message arrives over Gmailify to your Gmail inbox, a reply action should result in a pre-configured compose form with the From address set to the address of the original message recipient, the Gmailify address. This should be the default behavior after following the »Send mail as« setup described previously, specifically when configuring the Gmailify address to be treated as an alias.

Should the above not be the case, visit Gmail settings, tab »Accounts and Import«, section »Send mail as«, option »When replying to a message«, and ensure »Reply from the same address the message was sent to« is selected.

If you send more via your custom domain than Gmail, you can change the default address used in replies and newly composed messages. Select default next to the desired Gmailify address in the »Send mail as« section.

5.3 Email Routing

At the point of the domain activation in Gmailify, only one mailbox will exist on the domain along with two aliases pointed to it, postmaster@ and abuse@. The two aliases are recommended (required by email standards), but you can delete them. The two aliases will receive more spam than other mailboxes.

From Gmailify's email routing, additional addresses can be added as either mailboxes (tied to a Gmail address) or as aliases which point to other Gmailify addresses. In addition, the routing page also allows adding domain aliases.

The email routing table shown on the page is ordered in a way it follows actual email lookups in Gmailify, from domain aliases, through mailboxes, address aliases and ending with catchall. Address aliases support wildcards (containing an asterisk "*"), which makes them order dependent. The order of alias lookups is also top down, meaning the higher ones in the routing table are evaluated first. The next ones get considered only if no match is found.

Non-wildcard aliases are evaluated first, followed by the wildcard aliases taken no match is found. The initial order of wildcard aliases is based on the creation time which may not be desired, but may easily be modified using the arrows (▲ and ▼) next to the wildcard aliases.

IMPORTANT: Be careful not to create circular aliases which may lead to delayed, unpredictable or missed message deliveries.

5.3.1 Postmaster@ & abuse@ addresses

Email standards (RFC822) require existence of the reserved email address postmaster@domain.tld. This address is necessary in order to reach the responsible email administrators (you and us) in case of email delivery troubles, such as rejected messages by the spam filter.

IMPORTANT: The postmaster address is not spam filtered for obvious reasons, and as such it can receive a significant amount of spam. The postmaster address is by default an alias to the first mailbox created in Gmailify which means that spam can be passed on to Gmail. Should that be the case, the alias can be removed or redirected to a dedicated mailbox. Our recommendation is to create a Gmail filter with the To: set to postmaster@domain.tld, which should then be sent to a dedicated folder or Gmail label, skipping the Gmail Inbox. Remember to check those messages from time to time.

5.3.2 Inviting new Gmail users

To add a new address on the domain which forwards to another Gmail address, Add Mailbox from the domain routing page in Gmailify.

Gmailify mailboxes are linked upon creation to a single Gmail address. Once created, this link cannot be changed without removing the Gmailify mailbox and recreating it, since the Gmail authorization is univocal. Since the Gmail account is the actual user of the mailbox, it is not possible to access the mailbox or its messages directly.

Upon creation of the mailbox, Gmailify will send an invitation message to the tied Gmail address with instructions on confirming and activating the mailbox. Gmailify mailbox remains inactive until Gmail accesses it via POP3 for the first time using the password provided in the configuration instructions. Once it is active, the mailbox starts dual delivery of messages to Gmail.

IMPORTANT: Gmailify mailbox will not accept messages until it is activated via first POP3 access from Gmail.

5.3.3 Re-routing messages

Aliases (domain and address) can be used for re-routing or sending copies to other addresses on the same domain. They cannot be used for sending or forwarding messages to external domains. Should that be needed, Gmail can be configured to forward received messages via Gmailify using Gmail filters.

5.3.3.1 Domain aliases

Domain aliases point messages for extra domain names to the primary domain. They effectively rewrite the part after the @ sign to the primary domain. The lookup then continues for the address part before the @ sign, commonly called the local part. This means that the address space on the primary domain is mirrored on the domain alias. The domain alias cannot have own addresses which do not exist on the primary domain.

To add a new domain alias, use the Add Domain Alias action from the domain routing page in Gmailify. The domain alias will have to be configured with correct DNS records in order to become operational, just as it was done for the primary domain.

The domain aliases are typically used just for receiving. However, it is possible to send using the domain aliases, as long as the authentication is made using the password of the respective, primary mailbox on the primary domain.

To send from Gmail using a mailbox on the domain alias, it is necessary to configure a new »Send mail as« address from the Gmail settings, tab »Accounts and Import«. The settings are the same as for the primary mailbox. The SMTP server for Gmailify is smtp.gmailify.com, available only on port 465, and using a secured connection using SSL (recommended).

IMPORTANT: Unless you have saved the mailbox password previously somewhere, you will have to regenerate the mailbox password in Gmailify in order to see it again. That means the POP3 fetching and »Send mail as« for the primary mailbox will have to be updated in Gmail again.

5.3.3.2 Address aliases

Address aliases expand their address to configured destinations on the same domain. They can be used for sending copies of the incoming message to multiple recipients, common for e.g. info@, contact@ or sales@ address. They can also be used as a distribution list, for example as an all@ address.

To add a new address alias, use the Add Alias action from the domain routing page in Gmailify.

IMPORTANT: Mailboxes lookup preceeds aliases. Alias that matches a Gmailify mailbox address will not receive messages intended for that mailbox. To share messages from a mailbox, use delegations instead.

IMPORTANT: Address aliases should always point to existing local addresses. Should the local address not exist once the alias is expanded, the sender will receive a bounce message for the non-existing address. This is a desired behavior, so care must be taken when defining alias destinations.

IMPORTANT: Messages received over aliases in Gmail will not have the right From address pre-configured in replies as it does not match the accounts configured in Gmail. You need to click on the header where the recipient address (To:) is displayed to reveal the sender (From:) address choice and select the account you want to use. You can change the default address in Gmail settings on tab »Accounts and Imports«, section »Send mail as«.

5.3.3.3 Wildcard aliases

Wildcard aliases are aliases that make use of the wildcard asterisk "*", standing for exactly one or more characters in the address. Matched characters can be referenced in the destination addresses using positional references $1,$2 to $9. As such, wildcard aliases allow dynamic address rewrites.

Wildcard aliases are looked up only if no exact match is found among regular aliases, but before mailbox lookups. Since two or more wildcard aliases may match the same address, the order of looking up wildcard aliases is important. Gmailify routing table allows changing the lookup order of wildcard aliases using the arrows (▲ and ▼) next to them. The routing table is always looked up top-down in Gmailify systems.

IMPORTANT: It may come to mind creating a wildcard alias *+*@domain.tld which rewrites to $1@domain.tld. This is Gmail's plus addressing. There is no need for such rewrites. Plus addressing is supported out of the box, and the suffix after the plus is automatically passed on to Gmail. Wildcard aliases could be used though to prevent plus-addressing, should there be a need.

5.3.4 Delegating messages

Mailboxes in Gmailify can delegate messages to other addresses. This permits sending a copy of all received messages elsewhere on the domain.

Delegating messages is a bit different from aliases, though internally they are executed identically. Aliases are rather evaluated before the mailbox address lookup, while the delegations are executed after the mailbox address lookup has already been done. In addition, address aliases may be added only by domain administrators while the delegations can be configured by every mailbox for themselves as well overridden by the domain administrator.

If signed in to Gmailify as a normal mailbox user without domain administration privileges, the delegation is available under the main menu on the left. If signed in as an administrator, the own mailbox delegations are still in the same location, while the other mailboxes' delegation are manageable from the routing table.

5.3.5 Catching misaddressed messages

By default, all misaddressed messages are non-deliverable and cause bounces for senders. Some prefer however to accept such messages. This is possible by defining catchall destinations.

Logically, the catchall is the last, bottom possibility in the Gmailify routing table and by default it is empty, meaning DISCARD. Use the Modify action in the last, Catchall row to set desired destinations.

IMPORTANT: Catchalls are abused by spammers. Expect to receive more spam sent towards your domain with a catchall and with it more false negatives. We recommend not using catchalls and informing senders of failed deliveries.

5.4 Domain administrators

Select mailboxes in Gmailify can have more rights than the others if given domain administrator right. Once signed in to Gmailify.com administration panel, domain administrators can manage email routing, add or modify addresses, extend subscription as well close Gmailify account completely. Domain administrators can also grant and revoke domain administrator rights to and from other mailboxes.

Domain administrator rights can be assigned upon mailbox creation (along the invitation), but also added and revoked at any point at Gmailify.com using the Domain » Administrators page. Both features are obviously only available to existing domain administrators.

IMPORTANT: Domains must have at least one administrator. The first mailbox created along with the domain is the domain's default administrator. This can be changed later by adding other administrators.

6. Service Monitoring

Gmailify monitors the health of your setup continuously. We also provide means of monitoring Gmailify health itself.

6.1 Traffic monitoring

Sometimes a message won't be arriving, and the doubts will be whether Gmailify has received it. The most recent traffic logs are available for both domain and mailboxes. These are collected with an average delay of ~2 minutes and are visible in the Gmailify administration panel.

For both privacy as well practical reasons of keeping such large volumes of data, the traffic logs are limited to the last 14 days and ~200 entries. Their purpose is only to diagnose possible traffic disruptions or missing deliveries, not in-deep analysis.

6.2 DNS watchdog

Making DNS changes after having configured Gmailify can disrupt your email traffic. These are easily overlooked, so we've made Gmailify watch after your domain's DNS health. Should the records change from the required Gmailify settings for healthy traffic, you will be notified by Gmailify directly to your linked Gmail address.

6.3 POP3 watchdog

If Gmail fails to fetch messages within 6 hours from the Gmailify POP3 storage for a given mailbox, an alert will be raised to the linked Gmail address. POP3 fetching is absolutely needed along with forwarding to avoid missed messages.

6.4 Gmailify status page

Gmailify health may be monitored from our public status page.

6.5 Diagnosis using command line tools

If the domain is not receiving messages, the first thing to come in mind should be the presence of MX records. These can be easily checked from the command line:

$ dig domain.tld mx
10 mx.gmailify.com.

The numbers in the front of the results refer to MX priority of the hosts. To accept messages for your domain, Gmailify MX hosts must be of the lowest priority and as well the only host with that priority.

Should the Gmailify MX host be missing among the results, Gmailify is not processing messages for your domain, and no forwarding happens. If no MX hosts are returned, it is very probable messages are bouncing back for your domain.

A comprehensive diagnostic tool is already built into Gmailify, and it continuously monitors your domain's health, so you don't have to.

7. Billing

Gmailify is made for global availability, just as Gmail.

7.1 Geographical pricing

We know that a $1 has a different value in different countries, and find it unfair to set a fixed price globally. We have taken the effort to adjust prices geographically to mutually acceptable levels for users worldwide.

7.2 Payment methods accepted

We accept all major credit cards via Stripe payment system as well majority of popular local payment methods as offered by Stripe. We do not accept cryptocurrencies.

7.4 Storing payment methods

We do not store payment methods, intentionally.

7.4 Renewals

Gmailify is offered and billed only yearly. Unlike in most online services, we do not make automatic renewals or store payment methods. This might seem a counterproductive revenue policy for most businesses, but we do not want to force renewals on anyone. We have seen too many bad actors and do not want to take part at all.

Long before the service expiry, Gmailify notifies of expiration and prompts for action. Should there still be a need and interest, extending the service is easily done in few clicks.

7.5 Refunds

All efforts are made to provide a functional trial before payment. We have made our service fee as low as possible, and refunds present a cost beyond the amount paid.

Gmailify does not offer refunds and all sales are final.

8. Usage

Gmailify is used indirectly through Gmail and controlled via its own administration panel.

8.1 Gmailify access

Each Gmailify mailbox has independent access to the Gmailify.com configuration panel. Should the mailbox have domain administration rights, the configuration panel will be expanded with domain management options. Otherwise, only those relevant to the mailbox will be accessible.

To access the Gmailify site, mailbox users can visit the sign-in page and enter either the own Gmailify mailbox address or the linked Gmail address if it is uniquely linked to a single Gmailify mailbox. Gmailify will send a sign-in link to the linked Gmail address, which will be valid for 30 minutes. Gmailify account follows Gmail security without extra passwords.

8.2 Gmail Web

Gmail on the web is Gmail's main administration panel. At the same time, Gmail webmail is the most used email client globally.

IMPORTANT: When Gmail's settings or documentation talk about "Send mail as" address, they are referring to your Gmailify address. Gmailify integrates with Gmail using the Send mail as and Check mail from other accounts features.

8.2.1 Receiving

Once Gmailify is integrated with Gmail, there is no need to leave it and check Gmailify emails. They automatically arrive in Gmail's inbox, and if you have followed our setup guide, will be automatically labeled with an appropriate Gmail label.

8.2.2 Replying

When a message arrives to your Gmail inbox via Gmailify, taken the integration is correctly configured, replying will automatically select the right Gmailify address. If that is not the case, visit Gmail settings, tab »Accounts and Import«, section »Send mail as«, option »When replying to a message«, and ensure »Reply from the same address the message was sent to« is selected. This option should already be selected by default.

With such setting, hitting reply on a message arriving over Gmailify will preselect the Gmailify address as sender (From).

8.2.3 Composing

Assuming a correct integration, when composing new messages in Gmail, clicking the first, »From« row will offer a choice of addresses, among which also the one via Gmailify. By selecting it, the composed messages will be sent via the Gmailify mailbox instead of Gmail.

IMPORTANT: If the new, Gmailify address does not appear in the compose window, but the integration is complete, please try reloading the Gmail page. Gmail requires a page reload to fetch new Gmail senders' configuration.

8.2.4 Message signatures

Signatures for new messages and/or replies can be configured directly in Gmail, both for Gmail as well Gmailify addresses. The setting are found under in the »General« tab, section »Signature«.

Consult Gmail documentation for more information on Gmail's signatures feature.

8.2.5 Configuring a vacation responder

Gmail allows configuring a vacation responder in setting, in the »General« tab, section »Vacation responder«. The vacation responder also works with configured Gmailify addresses, assuming they are correctly configured. Vacation auto-replies are sent over the Gmailify relays.

Consult Gmail documentation for more information on Gmail's vacation responder feature.

8.3 Gmail mobile apps

Assuming a correct integration, Gmail mobile app follow the same settings of Gmail web. When composing a new message, the Gmailify address should appear as a possible From choice. When replying, the right From should automatically be set. If that is not the case, please check your Gmailify integration and your Gmail web settings.

8.4 Third-party email clients

Gmailify is sandboxed to Gmail and no outside access is possible to its POP3 and SMTP endpoints. This also means Gmailify is not compatible with third party email clients, such as Thunderbird. To utilize Gmailify addresses, official Gmail apps must be used.

8.5 On-demand POP3 fetching

Gmail does POP3 fetching from Gmailify at irregular periods. Sometimes it is could be every 15 minutes, yet sometimes it could be every hour. Should a message you were expecting not arrive via Gmailify forwarding, you can make an on-demand POP3 fetch request. Visit Gmail's settings, the »Accounts and Import« tab, section »Check mail from other accounts«, option »Check mail now« next to your Gmailify address.

9. Ending service

9.1 Mailbox

Each Gmailify mailbox owner may end own integration with their Gmail account by signing into Gmailify with their mailbox and selecting »Close Mailbox«. This will irreversably stop accepting, forwarding and POP3 serving of all messages for the closed mailbox address.

IMPORTANT: If the mailbox is last one on the domain, closing the mailbox will also close the domain and purge all configuration for the same. This operation is irreversible. Any remaining subscription will be voided. No refunds are possible of unused subscription duration.

9.2 Account (domain)

Gmailify account can be ended at any time by any of the domain administrators. Once signed in, select »Close Account« from the Domain menu will lead to account closure. All mailboxes will be purged and forwarding will be stopped for all mailboxes. This operation is irreversible.

IMPORTANT: Any remaining subscription will be voided. No refunds are possible of the unused subscription duration.

10. Legal matters

10.1 Privacy policy

10.1.1 Personal Data

All personal data is kept securely by us and thus protected from unauthorized access.

To use our services and enter into a contractual relationship, we collect just the Gmail email address. Once an account has been provisioned by our system, entry of additional personal information becomes possible thrugh payment - full name and postal address.

For the execution of credit card payments, your credit card data will be directly sent to our payment service providers Stripe or PayPal. This includes the transfer of personal data into a third country (USA).

Agreements entered into with Stripe and PayPal define appropriate safeguards and demands that the data is only processed in compliance with the GDPR and only for the purpose of execution of payments.

These agreements are available for Stripe and PayPal.

For the transaction of payments we also adhere to our data minimization policy. From the submitted payment information through Stripe or PayPal, we collect only the essential information required to conclude the transaction.

Gmailify provides services for saving, editing, presentation and electronic transmission of data through email service. This content data is voluntarily entered into Gmailify by the customer. When signing up for a Gmailify account, you give consent to the processing of this data according to Art.6 GDPR 1.a). All textual content is securely stored for the user and its communication partners. Due to the nature of the open communication systems, this information is accessible by Mercata Sagl. This data can be deleted by the user at any time in its entirety.

In order to maintain email server operations, for error diagnosis as well for prevention of abuse, mail server logs and copies of outgoing messages are stored for maximum of 14 days. Storage takes place for the purposes of the legitimate interests pursued by the controller according to Art.6 GDPR 1.f).

In order to maintain operations, for prevention of abuse and and for visitors analysis, IP addresses of users are processed. Storage only takes place for IP addresses made anonymous which are therefore not personal data any more. This processing takes place for the purposes of the legitimate interests pursued by the controller according to Art.6 GDPR 1.f).

With the exception of payment data, handled due its nature by third parties Stripe and PayPal, we will not disclose your personal data including your email address to third parties. However, we can be legally bound to provide content data (in case of a valid Swiss Federal court order) and inventory data to prosecution services. There will be no sale or leasing of data.

10.1.2 Data Security

We use reasonable and appropriate physical, electronic, and administrative safeguards to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the nature of the Personal Data and the risks involved in processing that information.

10.1.3 Data Storage Period

All personal data shall be deleted immediately upon account closure and termination of the contract.

10.1.4 Data Processing

By signing up for and using our services, you give us your consent to process your personal data. We emphasize that you can withdraw your consent for the future at any time by terminating your account. We are obliged to delete, to correct or to restrict processing of the data stored about you upon termination request.

Please note that requests for termination via email cannot be processed as email message cannot be taken as a proof of account ownership.

You may object to the processing of your personal data as well as to lodge a complaint with a supervisory authority and the federal commissioner for data privacy of Switzerland (Feldeggweg 1, Berne).

10.1.5 Data Portability

We do not store any data on your behalf. Due to the nature of the service, Google and Gmail remain responsible for storage of your data.

10.1.6 Cookies

Beyond technical requirements for establishing a working session on our website, we do not use cookies or any form of tracking.

10.1.7 Analytics Data

We do not collect data for the purpose of user behavior and do not integrate any website analytics.

10.1.8 Contact From Our Web Page

On our web pages we offer the opportunity to get in contact with us via email. In doing so personal data is voluntarily transferred to us, stored automatically and only used for the purpose of dealing with the request and getting in touch with the person seeking contact. We do not disclose this personal data to third parties.

10.1.9 Name and Address of The Data Protection Officer

Any data subject may, at any time, contact our Data Protection Officer directly with all questions and suggestions concerning data protection.

      Mr. Dejan Štrbac
      Mercata Sagl
      via Ernesto Bosia 5c
      6900 Paradiso (TI)
      Switzerland
      

10.1.10 Name and Address of The Controller

      Mercata Sagl
      via Ernesto Bosia 5c
      6900 Paradiso (TI)
      Switzerland
      

10.2 Terms of service

10.2.1 Introduction

Gmailify is an email service. We have first built it to simplify our own email integration with Gmail. We now offer it in good faith, hoping it will be of even better service to you.

To use Gmailify services you must agree to our house rules, called terms and conditions in the lawyer lingo. We try to keep these rules reasonable, human-readable and understandable.

10.2.2 General Rules

Our service is provided exclusively to individuals who are at least 18 years of age, or to minors who have obtained parental consent to open and maintain an account.

Each account holder is solely responsible for all messages sent or received through our service. As a condition for using, you agree to not use Gmailify services for any unlawful or prohibited activities. This includes any unethical or undesired activities by any party.

You also agree to be bound by these terms. We may at our sole discretion, terminate service without cause or notice. In a case of a severe violation of these terms we may refuse communication with violators as well ignore their appeals.

Please understand that we take a hard stand, but in practice we will try to keep you informed of everything that concerns your account. We will take aggressive actions only when absolutely necessary to protect ourselves, our property, other users as well third parties.

By using our services, you agree to abide by all national and international laws and regulations and to not use the same for any illegal purposes. The include but are not limited to spamming, misrepresentation (spoofing) and phishing, as well usage of our services for purposes that violate third party terms of services.

You also agree not to disrupt the Gmailify networks and servers. You further agree to not use Gmailify to send spam (unsolicited bulk) mail, or mailing list emails that contain persons that have not specifically agreed to be included on that list.

Any account found to be generating spam will be immediately terminated.

In response to abuse reports, complaints or court orders we may also terminate accounts which are found to be used for illegal or fraudulent activity. We have no obligation to store or forward the contents of terminated accounts.

By using our services, you are our honored guest. Guest manners apply.

10.2.3 Free Trial

We offer a limited, free trial of our services with a time limitation. The purpose of the free trial is to allow a test drive our platform before committing to a paid plan. The free trial comes without any guarantees.

We may limit or terminate an ongoing trial account at our sole discretion without any previous announcement. We may also modify the conditions or withdraw the free trial offering completely at some point without an announcement.

10.2.4 Account Termination

If you do not wish to use our services anymore, you have to terminate your account yourself by authenticating first against it. Authentication proves ownership. We cannot accept termination requests via email or third party services.

10.2.5 Refunds

We care deeply about providing you with the best service possible. However, we are unable to offer refunds. All sales are final. Terminated accounts with unused service are not subjects to partial refunds either.

10.2.6 Liability

Gmailify is a service which is actively developed and maintained. It will certainly include errors. We may make improvements and changes at any time without notice. We do not make any guarantees about the reliability of the service and do not guarantee the security of user data despite best efforts.

The service is provided “as is” and you agree not to hold us responsible for any damages that arise as a result of the loss of use, data, or profits connected to the performance of this service. Furthermore, you will not hold us liable if confidential material is unintentionally released as the result of a security failure or vulnerability. For sensitive materials, please use a strong encryption scheme such as GPG.

10.2.7 Refusal of Service

We retain the right to refuse service without further explanations. Common reasons are violations of these rules, verbal or attacks of any kind on Gmailify, its employees, infrastructure or image.

10.2.8 Indemnification

You agree that we cannot be held responsible for any third party claim, demand, or damage, including reasonable attorneys’ fees, arising out of your use of our services. You, and solely you, take responsibility for your actions while using our service.

10.2.9 Terms Modifications

We reserve the right to review and change this agreement at any time. You are responsible for regularly reviewing these Terms and Conditions. Continued use of our services after such changes shall constitute your consent to such changes.

10.2.10 Validity

Should individual provisions of these terms be wholly or partially void and/or ineffective, the validity and/or effectiveness of the remaining provisions or parts of such provisions shall remain unaffected.

The invalid and/or ineffective provisions shall be replaced by such provisions which correspond to the meaning and purpose of the invalid and/or unenforceable provisions in a legally effective manner economically closest is coming. The same applies to possible gaps in the regulation.

10.2.11 Applicable Law

This agreement shall be governed in all respects by the laws of the Canton of Ticino, Swiss Confederation. All actions commenced pursuant hereto shall be brought in a court of competent jurisdiction residing in the Canton of Ticino.

Mercata Sagl

10.3 Acceptable Use

We are fast to sanction any misuse of our services. We thank you in advance for reporting any abuse or suspicion of such to abuse address on our domain.

10.3.1 No Spam

We do not approve of spam and are dedicating significant attention and resources into anti-spam measures. Any involvement in spamming activities, as well association with spamming entities will result in permanent ban from using our services.

Furthermore, we will engage in further inspection as a service to community, and will report the offending parties, IP addresses, names and organizations to the authorities and public blacklists.

We will take the time to track and report violators.

10.3.2 No Phishing

Phishing is a hard problem to which there is no definite solution. We do our share in manually monitoring domains on our platform for phishing intentions. Any domain found to be involved in phishing activities is permanently banned from our platform as well reported to multiple blacklists world wide. Account holders, IP addresses and any extractable information will be reported to the authorities.

We will take the time to track and report violators.

10.3.3 No Fraud

We take a harsh stand on misrepresentation, spoofing and fraud. While not strictly illegal, we will sanction any attempt to fool email recipients about senders' identities or activities.

We check most of the domains for their activities, including their websites. Fake websites, clones as well activities intended to fool visitors are blocked and reported to ICANN and its associates.

Using of our services for activities that violate third party terms of services, breaks ours terms too. Examples are multiple accounts with service providers, obtaining otherwise unavailable services etc.

10.3.4 No Violence

Hate speech, racism, calls for violence, nazism as well any other immoral, unethical or socially unacceptable activity will be denied service. If illegal, we will report such to the authorities.

We work towards a safer Internet for all of us.