At this point the responses from the QuickBooks team are almost comical. It's like you guys are trying really hard to not answer the question. Let me break it down one more time and maybe you can escalate:
- QuickBooks sends email where the FROM address uses it's customer's configured domain. For example, QuickBooks might send invoices to my customers using [email address removed] because that's what I put in my QuickBooks settings.
- How does a mail server determine that this isn't a spoofed email? Anyone can send an email FROM any domain. SPF/DKIM/DMARC is the current standards-based answer to this problem.
- SPF basically says, "tell me what IP addresses can send emails on your behalf". So when a server receives an email invoice from QuickBooks, it can check the DNS of mycompany.com and find out that in fact the owner of mycompany.com is cool with QuickBooks sending emails on their behalf.
- We as your customers need to know what IP addresses to allow for QuickBooks. Because IP addresses are cumbersome to maintain, most companies just provide a DNS that resolves all of the IP addresses that might send emails.
- For example, if you want Google to send on your behalf, you just need to include _spf.google.com. It took me a matter of minutes to find the right DNS to use for ZenDesk, HubSpot, and Amazon SES which are popular platforms that send emails on customers' behalf.
