Is forwarding emails originating from Gmail through Salesforce Marketing Cloud considered Gmail impersonation?

Summary

Forwarding emails originating from Gmail through Salesforce Marketing Cloud (SFMC) poses a risk of Gmail impersonation if not carefully managed. The core issue is the potential disruption of email authentication protocols like SPF, DKIM, and DMARC. When an email is forwarded, SFMC might lack authorization to send on behalf of the original Gmail domain, leading to authentication failures. This can result in emails being flagged as spam, rejected, or triggering spoofing alerts. Proper configuration of SFMC's Sender Authentication Package (SAP), adherence to Gmail's sending policies, and awareness of Gmail's sending limits are crucial to avoid these issues. Additionally, internal systems that perform DMARC checks could flag forwarded emails as failures, further complicating deliverability.

Key findings

  • DMARC Failure Risk: Forwarding often breaks DMARC authentication because SFMC is not authorized to send on behalf of the Gmail domain, resulting in potential deliverability problems.
  • SPF/DKIM Configuration Issues: Improperly configured SPF and DKIM records can lead to emails being marked as impersonation attempts, damaging sender reputation.
  • Gmail Sending Limits: Sending large volumes of emails originating from Gmail through SFMC can violate Gmail's sending limits, affecting deliverability.
  • Spoofing Potential: If not configured correctly, forwarding can inadvertently trigger email spoofing alerts, impacting email trustworthiness.
  • Importance of Authentication: Email authentication is key to ensure deliverability; forwarding from a Gmail account through SFMC could lead to issues if the forwarding setup breaks the authentication chain.

Key considerations

  • SAP Configuration: Carefully configure Salesforce Marketing Cloud's Sender Authentication Package (SAP) to properly handle forwarding and maintain authentication integrity.
  • DMARC Compliance: Ensure that forwarding mechanisms do not violate DMARC policies to avoid legitimate emails being rejected or flagged as spam.
  • SPF Record Management: Configure SPF records to accurately reflect authorized sending sources, including SFMC, to prevent sender address forgery.
  • Gmail Sending Policy Adherence: Adhere strictly to Gmail's sending policies and guidelines when forwarding to avoid being flagged as spam or impersonation.
  • Internal DMARC Checks: Ensure that internal systems are not performing DMARC checks that might flag forwarded emails as authentication failures.

What email marketers say
10Marketer opinions

Forwarding emails originating from Gmail through Salesforce Marketing Cloud (SFMC) can be considered Gmail impersonation if not handled correctly. The primary concern revolves around email authentication protocols such as SPF, DKIM, and DMARC. When an email is forwarded, it may fail these authentication checks because the forwarding server (SFMC) is not authorized to send emails on behalf of the original Gmail sender. This can lead to deliverability issues, with emails being flagged as spam or rejected. Improper configuration and failure to adhere to Gmail's sending policies can exacerbate these problems.

Key opinions

  • DMARC Failure: DMARC policies can cause forwarded emails to fail authentication checks, leading to deliverability issues.
  • SPF/DKIM Issues: Incorrectly configured SPF and DKIM records can result in emails being flagged as impersonation attempts.
  • Gmail Limits: Sending large volumes of emails originating from Gmail through other systems can violate Gmail's sending limits.
  • Spoofing Risk: Forwarding without proper authentication may trigger email spoofing alerts.

Key considerations

  • Authentication Setup: Ensure proper SPF, DKIM, and DMARC authentication is in place for both Gmail and SFMC.
  • DMARC Handling: Verify that SFMC properly handles DMARC checks for forwarded emails to prevent failures.
  • Policy Compliance: Adhere to Gmail's sending policies to avoid being flagged as spam or impersonation.
  • Internal Checks: Check that internal systems aren't running DMARC checks, which would flag forwarded emails as failures.
  • Volume Awareness: Be aware of Gmail sending limits if you are sending large volumes of emails that originate from Gmail.
Marketer view

Email marketer from Reddit shares that DMARC (Domain-based Message Authentication, Reporting & Conformance) policies can cause forwarded emails to fail authentication checks, potentially leading to deliverability issues or being marked as spam. Forwarding from Gmail could be problematic if the forwarding service doesn't properly handle DMARC.

October 2024 - Reddit
Marketer view

Email marketer from Litmus explains that email authentication is key to ensure deliverability. Forwarding from a Gmail account through SFMC could lead to issues if the forwarding setup breaks the authentication chain, potentially being seen as impersonation.

November 2023 - Litmus
Marketer view

Email marketer from Gmass shares that when sending mass emails from Gmail or using Gmail as a relay, it's crucial to adhere to Gmail's guidelines and authentication requirements. Forwarding through SFMC, in this context, should ensure it doesn't violate Gmail's policies to avoid being flagged as spam or impersonation.

January 2023 - Gmass
Marketer view

Email marketer from ZeroBounce shares that following email deliverability best practices, including proper authentication and list hygiene, is crucial. Forwarding emails through different systems can impact these practices, so careful configuration is needed to avoid deliverability issues.

February 2025 - ZeroBounce
Marketer view

Email marketer from SuperOffice explains that email spoofing is when someone sends an email that appears to be from someone else. Forwarding from Gmail through SFMC might inadvertently trigger spoofing alerts if not configured correctly, potentially leading to deliverability issues.

March 2023 - SuperOffice
Marketer view

Email marketer from StackExchange responds that forwarding email from a Gmail account through a system like Salesforce Marketing Cloud could potentially cause issues with SPF (Sender Policy Framework) depending on how the system is configured, it might be seen as impersonation if not handled correctly.

May 2022 - StackExchange
Marketer view

Email marketer from Mailjet shares that when handling forwarded emails, it’s essential to ensure proper SPF and DKIM records are set up. If the forwarding process changes the original sender information, it might be flagged as impersonation, especially when forwarding from Gmail.

January 2023 - Mailjet
Marketer view

Email marketer from Sender Compliance says if you’re sending large volumes of email from Gmail via other systems, be aware of Gmail's sending limits. SFMC can help you avoid this but forwarding may still be problematic as it still originated from Gmail.

April 2021 - Sender Compliance
Marketer view

Email marketer from EmailOnAcid shares that to avoid spam filters, ensure proper authentication (SPF, DKIM, DMARC) is in place. When forwarding emails, it's crucial to maintain authentication to prevent being marked as spam or as an impersonation attempt.

January 2023 - EmailOnAcid
Marketer view

Marketer from Email Geeks shares that if you're taking an email that originated from gmail and forward it to an internal system, you should be fine as long as that internal system isn't doing a DMARC check. Also, if you send email out with a gmail.com from address, and you're not sending it via Gmail, you're gonna have a bad time.

October 2024 - Email Geeks

What the experts say
3Expert opinions

Forwarding emails originating from Gmail through Salesforce Marketing Cloud (SFMC) can lead to Gmail impersonation if not handled correctly. A core issue is that forwarding can break DMARC authentication, as the forwarding server (SFMC) typically lacks authorization to send emails on behalf of the original Gmail domain. This can cause authentication failures, leading to emails being rejected or treated as spam. If the 'From:' header shows a @gmail.com address, and you're not sending directly through Gmail, you're potentially impersonating Gmail.

Key opinions

  • DMARC Failure: Forwarding can break DMARC authentication because SFMC isn't authorized to send on behalf of the Gmail domain.
  • Impersonation via From Header: If the recipient sees a @gmail.com address in the From: header and the email isn't sent via Gmail, it's impersonation.
  • Authentication Issues: Forwarding problems arise when the forwarder lacks the authority to send emails that originate from gmail.com, leading to authentication failures.

Key considerations

  • Authentication Configuration: Ensure proper authentication settings (SPF, DKIM, DMARC) are correctly configured on SFMC to handle forwarded emails.
  • From Header Review: Carefully examine the 'From:' header to avoid displaying a @gmail.com address if the email isn't being sent through Gmail's servers.
  • Authorization Verification: Verify that the forwarding system (SFMC) is properly authorized to send emails on behalf of the original sender's domain to prevent authentication failures.
Expert view

Expert from Email Geeks explains that if the recipient receives an email and the address in the From: header ends with @gmail.com then you are impersonating Gmail, and you need to stop doing that.

September 2022 - Email Geeks
Expert view

Expert from Spam Resource explains that forwarding can have problems as the forwarder might not have the authority to send emails that originate from gmail.com. This causes authentication failures and can be flagged as spam or impersonation attempts.

December 2024 - Spam Resource
Expert view

Expert from Word to the Wise explains that forwarding can break DMARC authentication because the forwarder is not authorized to send on behalf of the original sender's domain. This can lead to emails being rejected or treated as spam. Therefore, forwarding from Gmail through SFMC could potentially be problematic if DMARC checks fail.

June 2022 - Word to the Wise

What the documentation says
5Technical articles

Forwarding emails from Gmail through Salesforce Marketing Cloud (SFMC) raises concerns about potential Gmail impersonation. While Gmail's settings manage copy retention, they don't address impersonation. SFMC utilizes Sender Authentication Package (SAP) for deliverability via SPF, DKIM, and DMARC, necessitating specific configurations to prevent flagging as impersonation. DMARC, designed to prevent spoofing, can be compromised by forwarding, potentially rejecting legitimate emails if not handled correctly. Proper SPF configuration, which prevents sender address forgery, is crucial for SFMC. Microsoft's SPF guidance, though not directly related, offers insights on authentication during forwarding.

Key findings

  • DMARC Interference: Forwarding mechanisms can interfere with DMARC checks, causing legitimate emails to be rejected or flagged.
  • SPF Configuration is Key: Proper SPF configuration is crucial to prevent sender address forgery when forwarding through SFMC.
  • SFMC Requires Specific Configuration: SFMC needs specific configurations to manage SPF, DKIM, and DMARC to prevent emails from being flagged as impersonation.

Key considerations

  • DMARC Compliance: Ensure forwarding mechanisms do not violate DMARC policies to avoid deliverability issues.
  • SAP Configuration: Carefully configure SFMC's SAP settings to properly handle forwarding and maintain authentication.
  • Authentication Protocol Implementation: Implement SPF and other authentication protocols meticulously to prevent emails from being flagged as impersonation.
Technical article

Documentation from Salesforce explains that Salesforce Marketing Cloud uses Sender Authentication Package (SAP) to manage email deliverability, including SPF, DKIM, and DMARC. Forwarding emails through SFMC might require specific configurations to ensure proper authentication and prevent being flagged as impersonation.

November 2024 - Salesforce Help
Technical article

Documentation from DMARC.org explains that DMARC policies are designed to prevent email spoofing and phishing. Forwarding mechanisms can interfere with DMARC checks, potentially causing legitimate emails to be rejected or flagged. Proper handling is needed to avoid these issues.

July 2022 - DMARC.org
Technical article

Documentation from RFC explains the Sender Policy Framework (SPF) prevents sender address forgery. Forwarding emails through a service like SFMC will require SPF to be configured so it doesn't look like impersonation.

July 2023 - RFC
Technical article

Documentation from Microsoft explains SPF authentication when forwarding emails through Microsoft systems. Whilst not a direct relation to Gmail it can be used as comparison to how authentication needs to be applied for forwarders.

June 2021 - Microsoft
Technical article

Documentation from Google Support explains that when forwarding emails, Gmail's settings can be configured to either keep Gmail's copy in the inbox, mark Gmail's copy as read, or archive Gmail's copy. However, it doesn't directly address the issue of impersonation through forwarding services.

October 2022 - Google Support