MIAB and Shopify


Was just wondering if anyone else has use MIAB with Shopify. I have a couple of users with shopify pages so I simply did custom DNS to send the web traffic to shopify. I thought all was well until I have a user complain that emails created when a product is sold are going to SPAM/Junk. I believe this has something to do with Shopify trying to send email as my user but going to junk as they are not from the MIAB. Has anyone else run into this issue I think it has something to do with TXT entrys in DNS though not sure which one or how to rectify.

Thanks in advance for any help.

Not a Shopify user here … that said…

Can Shopify be configured to send email via SMTP? If so, that is the best option.

Wow, their site and support community is worthless … I can find no references to how they actually work in detail, so I will assume from the one comment that I found which was barely related that you’ll need to adjust the TXT record.

Try this … domain.com. IN TXT “v=spf1 mx a:shops.shopify.com ?all”

With that SPF record, mails should not be dropped … a lot will depend on how the incoming mail server is configured though.

ok thanks will give that a go. should that be a ? or maybe a ~

A ? means that the policy is neutral, so not likely to send mail to spam no matter what.

A ~ means that the policy is a soft-fail, so likely to send the mail to spam.

A - means that the policy is strict, so mail should be completely rejected.

I was torn between ? and ~ so chose the lesser of the two. You may want to experiment.

Awesome thank you for educating me I had no idea that is what it meant. I will give it a go.

So how did the DNS TXT reocrd fix work out for your client?


I did make the change the ran through this SPF checker https://www.dmarcanalyzer.com/spf/checker/ which showed and error so I changed it back as I didn’t want to make the situation worse, maybe I am just being paraniod

What was the error?

If you’d PM me your hostname it would help … hard to diagnose something when you can’t run checks …

Thanks I will PM you

I found this little gem in the Shopify website:

Basically, Shopify does not conform to internet best practices … so …

Your clients may be better off changing their emails to come from the no-reply@shopify.com email address … or it may be better to remove DKIM from their domain … then Shopify emails ‘may’ work ok but other emails will go to spam or be rejected. I absolutely hate it when services do not conform to best practices.

I am not certain what to suggest here. Shopify is not going to work with external email unless you are paying the likes of Google or Micro$oft.

The error that you received was caused by the fact that shops.shopify.com DOES NOT EXIST in DNS, even though that is what Shopify itself states to use!!!

Incompetence …

It would be nice if Shopify would support using a SMTP relay, but it seems as though they do not.

In conclusion, it seems as though Shopify only works with using a custom email IF that email is a Google or Microsoft email address, which in my opinion makes it totally worthless.

Cheers for having a look at that. I really appreciate you taking the time.

1 Like

Sorry for the late jump in here but what I dealt with for a past client might help if you have not already found a solution that works for you.

First, based on my experience you definitely want to use -all or ~all for strict fail or soft fail to prevent your domain from having other issues. ?all will not block anything which will let others spoof your domain to send spam which could hurt your domain’s reputation causing future issues like black listing. I personally use nothing other than -all and work the spf1 line until I get it working as needed.

While there is no A record for shops.shopify.com there is an spf1 txt record.

For your client’s spf1 record I would add something like “include:shops.shopify.com” OR specifically include the spf1 entries that shops.shopify.com points to. You can see those here: https://www.whatsmydns.net/#TXT/shops.shopify.com

Personally I’d directly add shopify’s a: entries to my spf1 so that I could keep the adherence to the rule strict. Including shopify’s spf1 will also include the ~all making the rule a soft fail versus strict.

If you have already found a working solution please share it. It seems like each time this issue comes up the best solution for that instance is a little different than past solutions so I’d love to know how you finally solve this for your client.

Thanks CurtisN for going to the trouble of sharing your experience.

Unfortunately my client couldn’t wait and ended up changing their mail provider :frowning: