Sending emails with VFP with CDO 2

[foxup]

Hi,

I'm sending emails out thru VFP9 using CDO's. Everything works perfectly except that as of Feb-2024, Google insists that every email sent to Gmail users must have a DKIM signature.

How do I add the DKIM signature to this code please.

accno='000-000000'
has_txt=.F.
has_pdf=.F.
m.emal='mine@gmail.com'
LOCAL iMsg,iConf
DECLARE SHORT InternetGetConnectedState IN wininet.DLL;
INTEGER @lpdwFlags, INTEGER dwReserved
lConnect=displayState()
IF lConnect
iMsg = CREATEOBJECT("CDO.Message")
iConf = CREATEOBJECT("CDO.Configuration")
Flds = iConf.FIELDS
WITH Flds
.ITEM("

http://schemas.microsoft.com/cdo/configuration/sendusing")

= 2
.ITEM("

http://schemas.microsoft.com/cdo/configuration/smtpserver")

= 'ourserver' && ourserver
.ITEM("

http://schemas.microsoft.com/cdo/configuration/smtpserverport")

= 25
.UPDATE()
ENDWITH
WITH iMsg
.Configuration = iConf
.TO = m.emal
.BCC = ""
.FROM = "me@example.ca"
.Subject = "Your Invoice is Now Ready 2024-01"
.FIELDS("Priority").VALUE = 0 && -1=Low, 0=Normal, 1=High
.Fields("

http://schemas.microsoft.com/cdo/configuration/smtpauthenticate").Value

= 1
.Fields("

http://schemas.microsoft.com/cdo/configuration/smtpconnectiontimeout").Value

= 60
.Fields("

http://schemas.microsoft.com/cdo/configuration/smtusessl").Value

= .T.
.FIELDS.UPDATE()
IF has_txt=.F. && HAS ONLY PDF (NO TXT FILE EXISTS)
bod="<img src='cid:logo.png'><BR>Hello,<BR><BR>in PDF.<BR>"
.HtmlBody=bod
ELSE && EXISTS BOTH THE PDF & TXT FILE SO EMAIL BODY IS A LITTLE DIFFERENT
bod="<img src='cid:logo.png'><BR>Hello,<BR><BR>your pdf PDF.<BR>"
.HtmlBody=bod
ENDIF
.AddAttachment ("C:\Users\jk\Desktop\ff\logo.png") && ALWAYS DONE SO THAT EVERYBODY HAS THE LOGO
.SEND()
ENDWITH
iMsg = .NULL.
iConf = .NULL.
Flds = .NULL.
ELSE
MESSAGEBOX("Could not send the message, your internet connection is down.")
ENDIF
PROCEDURE displayState
LOCAL lConnected
lConnected = .F.
lpdwFlags = 0
IF InternetGetConnectedState (@lpdwFlags, 0) = 1
lConnected = .T.
ENDIF
RETURN lConnected
ENDPROC


Thanks,
FOXUP

 

[Gerrit Broekhuis]

Hi Marco,

I hope someone (Doug?) will add the DKIM support to sfMail. I don’t have visual studio, so I can only hope someone will be able to add this and recompile.

Regards, Gerrit

 

[Chris Miller]

One point still is, that you don't necessarily need to sign mails while creatiung them. The first step of sneding a mail is putting it into your own mailserver, especially if it's company mails coming from your own domain. And you cannot only set some DSN records, if you have a Microsoft365 domain the links I posted above configure the automatic processing of the mails in regard to SPF, DKIM, and DMARC, before mails which makes the whole process unimportant for the client side, even for Outlook. And what works for Microsoft365 domains likely also works for other constructs of domain/mailserver software.

To reiterate and summarize that with quotes:

Link:

https://learn.microsoft.com/en-us/m...mail-authentication-about?view=o365-worldwide

quote MS:

As a Microsoft 365 organization with mailboxes in Exchange Online, or a standalone Exchange Online Protection (EOP) organization without Exchange Online mailboxes, protecting the integrity of email messages from senders in your domains is important...
...To configure email authentication for mail sent from Microsoft 365 organizations with mailboxes in Exchange Online or standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes, see the following articles:

The latter sentence implies that if your company does use an Exchange Online mailserver or EOP, but you at least have a Microsoft365 domain, then you can use the three articles about SPF, DKIM and DMARC to get all this going without changing anything in your processes generating emails. I.e. if a mail without DKIM header (just to pick that one out) is arriving in the domains Exchange server, that will do the signing and you don't have to do that yourself.

Chriss

 

[foxup]

Chriss and Mike,

Thank you all for your help guys. I managed to send out all the emails since we were sending less than 2,500 per day, the requirement from Google is that SPF OR DKIM (one or the other) be functional. It all worked out since I had SPF working.

I did note your Outlook code though as it will be something that I'll be building upon later.


Thanks to all,
FOXUP

 

[Gerrit Broekhuis]

Hi Foxup,

Good to you have a working solution. What did you use to get CDO running with SPF?

Regards, Gerrit

 

[foxup]

Hi Gerrit,

I had SPF setup as DNS TXT records in the mail server. All required records (SPF, DKIM, DMARC) were setup as DNS TXT records on mail server.

I hope that helps.

Thanks,
FOXUP

 

[Gerrit Broekhuis]

Hi foxup,

What do you mean exactly with mail server? Is it your (local) SMTP server or your mail service provider?

Regards Gerrit

 

[Chris Miller]

The whole topic of SPF, DKIM, and DMARC is about authenticating the sender mail address, by giving information that can be retrieved from the mail recipient (or its mail client software) to verify the sender.

So it's all about mail sender addresses of a company domain, like it's brand name, mails from apple.com, for example. Or if your company owns a brand name as a domain about that domain.

You'll not ever be responsible nor do you have access to DNS records of gmail.com, for example. It's only of your own concern, if you own a domain and send mails from that domain and don't want your mails to be marked as spam.

SPF itslef is the lowest form of authentication as far as I remember, SPF DSN records should clarify which from addresses of your domain you authorize to send mails, so if someone spoofs mails as coming from your company/brand and spreads misinformation or does phishing or other fraud, then these authentication schemes help recognizing that.

To get back to what foxup forwarded from Google:

Google insists that every email sent to Gmail users must have a DKIM signature.

That's talking of Googles Gmail as a mail client that verifies mails sent to them (any gmail recipient) are having these authentication schemes. It's not about the SPF records of gmail.com and even less so of any specific gmail address.

All that is telling it's not your concern, if you have a gmail address. On the contrary as a gmail user having a gmail address you will profit from Google paying attention to these things on the one side, and companies having a legitimate reason to send out mails to clients, be it to confirm subscriptions/registration or sending out newsletters can process their outgoing mails to have these verifieable features.

My hoster could never tell me how even those SPF records have to look, so Gmail displays the mails I sent from one of my domains from a cron job (a summary of some things) to a gmail address with a warning icon (red question mark in an octagon) and the alt tag text "Gmail couldn't verify that <senderaddress> actually sent this message." Since I know these mails come from my domain to me and since gmail doesn't reject these mails and still delivers them to my gmail address I'm not needing this.

But if I'd want to send out mails to customers even just the nature of the mails in simple aspects as regular (weekly/monthly) with similar texts (template mails individualized with mailmerging processes and individual attachments), you neither want your mails to go into a spam folder nor even have that warning icon marker. Otherwise this is not a concern and I still would push this as far from me as I can, as I see it's doable with an Exchange server to let it do that instead of your mail generation process.

Chriss