Currently, if the portal does not have the dedicated IP add-on, all e-mails are sent using a "hubspotemail.net" domain in the "Return-Path" header.
By doing so HubSpot is breaking SPF Alignment rules. SPF and DKIM alignment are positive indicators and should be considered for the security of users, even those that do not need a dedicated IP setup.
Without proper return-path values, all DMARC reports and Google's Postm Authentication reports show SPF fails, making it harder to detect problems and postponing companies to fully implement DMARC's quarantine/reject policies.
My understanding is that a DMARC pass happens when either of the DKIM or SPF check passes, you don't need both. It's bewilderingly terrible that hubspot can't properly support SPF, a most basic of email security features, but so long as the DKIM works the DMARC will pass and Google/Yahoo will allow it.
ChatGPT tells me that my Hubspot email return path is not SPF aligned, and I don't see a way to fix that without setting up a dedicated return path in Hubspot, but I don't see an option for that in my Hubspot settings. Is it possible that Hubspot is still not providing a simple configuration option? I'll try to reach Dharmesh... sighhh.
Debe ser un usuario registrado para añadir un comentario aquí. Si ya está registrado, inicie sesión. Si todavía no está registrado, hágalo e inicie sesión.
