Options
Invoice email deliverability via authentication?
GarCard
Member Posts: 6
Is Wave providing any sort of authentication when sending invoice emails? If so, how? Technically, Wave isn't an "authorized" sender of emails for my domain. To help email deliverability of Invoices, is there any SPF or DKIM that can/should be set up for the sending email address? Similar to how you set up DNS for Mailchimp or Mailgun sending of emails...
2
Comments
Hey @GarCard and Welcome to the Wave Community Forum! When sending invoices from your Wave Account, Wave does not use your email domain to do so. Instead, we use a third party software to send the invoice and use your email address to add to the note of the email to ensure that your customer knows not to reply directly to the email and to reply to your email. There's no need for you to adjust any settings on your end, but you may want to instruct your customers to whitelist the domain @waveapps.com so that any invoices do not find their way into Spam folders in their email inbox.
In the 'send this invoice' pop up the 'From' dropdown field makes it appear as if the invoices will be sent from your chosen address. Instead they are sent from mailer@waveapps.com. I'm finding this goes to spam or email apps are marking it as a phishing scam, and for this reason I am not getting paid. This is a huge problem—this morning a client phoned me to ask if the invoices were legitimate. While I can send using Gmail what happens to recurring invoices and reminder emails? I am with @GarCard ...there really should be a way to send from Wave that delivers ALL emails with a verified email address the same way MailChimp does.
I just read this and i am shocked. Any self-respecting modern invoicing service should support DKIM and SPF verification and sending email with a verified user domain. This is really too bad since this Wave invoicing solution seemed promising. Looks like I'll have to look elsewhere until hopefully one day Wave supports this.
Hi @Nicholas_E , thanks for your message. At this time, we're not looking to change our current setup with regards to email services supporting DKIM and SPF verification. Thank you for sharing this feature idea with us here!
@CallieP would you at least consider changing the "From" email address when previewing the Invoice? It makes it seem like it will be coming from our email address, when that doesn't seem to really be the case. @Wonder mentions this in their above comment.
Again, I agree with @GarCard. It's misleading to have the dropdown 'from' field selection with an email address that doesn't actually reflect the domain the invoices are sent from. If they are all going to come from mailer@waveapps.com then this is what should be listed so that this shortfall is clear to your users. I suspect it's not a development priority because there's not much community noise about it—but I also suspect that is because few people would be aware that this is how emails are actually being handled.
I agree with @Wonder and @GarCard . It is misleading. If you were actually being honest with your customers and stating the truth (that it is coming from mailer@waveapps.com) and stating that this is a spam-registered address with many mailer clients because of the way you are using it, you would see your clients dropping this service like flies. Your company would be sweating bullets trying to offer support for DKIM/SPF verification like that very same day that you decide to be honest with your customers, rofl. This is completely unacceptable behavior for modern email invoice etiquette.
Hi @GarCard , @Wonder , and @Nicholas_E , thanks for getting back. What you're saying here makes sense to me; for sure it can possibly be misunderstood to seem like it's sending from your email address directly when it in fact isn't. As of right now, no change to this setting is on the road map as our teams are focused on improving other areas of the invoicing product. Thank you for bringing this idea to the table - we look forward to continuing to absorb your feedback into the product over time!
Oh, puh-lease!
If you look at Wave's own DNS zone records, I bet you'll find a SPF record.
Used in conjunction with DMARC, SPF records are essential to preventing email spoofing.
All of the major public mail service providers actively mark, as spam, emails that fail SPF/DMARC validation. Google actually includes a warning message that the message may be a phishing attempt if a SPF check fails validation, so, even if we ask customers to whitelist the sending address, the underlying perception is that the mail is not safe, not to mention it gives slow or reluctant payers an excuse, albeit weak, not to settle on time.
Surely you can tell us which servers are used to relay Wave emails, so we can add those to our own SPF records. It's not rocket science, really!
Hey @SeanButterworth ,
To clarify here, Wave uses Postmark's server to send most emails, including invoices, and we have DKIM and DMARC set up. Postmark itself includes their outbound sending IPs and SPF record in all emails sent through them as well. You can read more about this here!
I think the original confusion, and reason for this topic, was that Wave makes it seem that emails are being sent from our own email address when setting up the invoice. That's not the case. It's only used for the Reply-To header. So it'd be good if the interface was updated to make it more clear what the actual Sent-From email is; since it's apparently one via Wave.
Though, it would be nice if we could eventually set up our own email domain to be used for sending invoices, by adding the proper DNS records to our own nameserver.