@theopenem said in Email suddenly no longer works with SMTP Relay Google Workspace:
I'm using postfix to relay all mail to gmail. It ends up being the same thing as if you set the relay in NodeBB.
Moreover, you now have a mail spool for failed messages, access to meaningful log messages, ability to tweak and tune if necessary, etc. This is a big win. But maybe too much a pita for some. Until something breaks. 😜
DKIM is lame. Search "DKIM considered bad". Here's one rant from ZDNet.
Iirc (and it has been a while since I needed to read up cuz my stuff jfw....), SPF has no restrictions on number of different domains - just add the spf txt record to that domain. Then make sure the relay has a reverse dns entry - that does not have to be the same domain, just has to be.
I was hoping for some better diagnostics, wh/is why I suggested the cli. Establishing an initial connection is easy. It is what comes next that is important and unfortunately OP did not see that bit thru. Why does not somebody test it, eh? I don't have any goog accts, nor do I want/need one, but it may prove illuminating?
Just my $0.02.
P.S.; Or maybe ptr is even easier than that for this use case: create a redirect to goog's? then goog worries about the nitty gritty for you. Like I said, been a while and shootin' from the hip. Double check the rfc, eh?
Here's some DMARC spf resources for the bold and curious.
P.P.S.; Geronimo, here ya' go. Big medicine!
Primary domain sporting the smtp relay zone file:relaydomain.tld. IN TXT "v=spf1 ip4:xxx.xxx.xxx.xxy ip4:yyy.yyy.yyy.yyz -all"
otherdom.tld zone file:otherdom.tld. IN TXT "v=spf1 redirect=relaydom.tld"
foodom.tld zone file:foodom.tld. IN TXT "v=spf1 redirect=relaydom.tld"
anotherdom.tld zone file@ IN TXT "v=spf1 redirect=relaydom.tld"
More than one way to do it, note the @ in second example there. Save typing but less explicit. Pick yer' poison.
Then use a checker. I favor MXToolbox, but note the Goog has one specific for their stuff Google Admin Toolbox Check MX .