Wipfli has been receiving quite a few support requests about this exact same issue. In response, we are sharing an article providing a setup option for those of you who are emailing documents from Intacct and experiencing issues with delivery to junk/spam. Because the default email sent out from Intacct is sent via “bounces.intacct.com”, it is causing the emails to route to recipients’ junk/spam folders.
To prevent this issue, Intacct recommends setting up the Email Sender Domain in the Company Info setup and following the instructions below to set up the client’s email system to support the fix.
This should prevent the emails coming straight out of Intacct from ending up in the recipients’ junk/spam folders.
The Intacct application sends email on the behalf of our customers to their customers. The default way is to mark the Sender (return-path/MAIL FROM) as “firstname.lastname@example.org”. The From header is whatever the user enters during the email submission process. In this case the Sender and the From are different and if that customer utilizes DMARC, the emails may fail to be delivered because they do not match.
To solve this issue, Intacct has added a feature that allows the customer to specify a sender domain of their choice. They must navigate to:
Company Info >
Global Settings >
Email Sender Domain
…and edit the field by adding a valid domain. Once saved, all emails sent by Intacct on behalf of the customer will specify the Sender as “intacctmailservice@< Email Sender Domain>. The customer is not restricted to using their base domain only and they are encouraged to create a subdomain that is designed for this purpose (i.e., use “bounces.customer.com” instead of “customer.com”). If customers leave this field blank, the behavior will use “bounces.intacct .com” as the Sender (default behavior).
How to Modify the SPF Record
The customer must also modify the SPF record (for the domain they entered above) to authorize Intacct to send emails as them. This can be done one of two ways:
Add an include entry which contains Intacct’s SPF entry “_spf.intacct.com”. It may look like this:
v=spf1 include:_spf.intacct.com -all
Add Intacct’s email server IP address ranges directly (necessary if the maximum lookups are reached). This can be determined by running the following command:
> host –t SPF _spf.intacct.com.
_spf.intacct.com has SPF record “v=spf1 ip4:22.214.171.124/26 ip4:126.96.36.199/27 ip4:188.8.131.52/26 ?all”
For those customers that use this feature, we recommend that the customer does not configure email bounces to be forwarded back to Intacct since our system is not configured to handle them appropriately. In later phases of this email project Intacct will be adding capability (XVERP encoding to the return-path) to handle bounces and then recommend that customers use a CNAME (alias) as their sender domain which points to Intacct.
SPF associates and verifies that the MAIL FROM address matches the IP address where the email originated via an SPF record lookup.
DMARC is an umbrella for both SPF and DKIM (and possibly future email security standards). It forces “alignment” between the MAILFROM and FROM addresses in an email for these protocols.
Need More Help?
If you have questions about this Intacct support blog or any others, please contact email@example.com or firstname.lastname@example.org.