Contents
Preface
After I got my own domain name, I always wanted an email address with my own domain name suffix. In the beginning, I spent a lot of effort to set up my own mail server using home broadband. But later I found that only some domestic free mailboxes could receive messages. The others either could not be received at all or were in the trash, so I gave up.
However, after using cloudflare, I successfully solved the problem of receiving emails in my own domain name suffix mailbox by using its email routing function. But because using gmail to send emails is basically useless, I gave up sending emails.
This time, I accidentally heard that there was a free corporate email account, which made me excited for a while. However, after looking around, I found that it was difficult to apply for the basic education version of Google Workspace (free), and I had to provide a lot of messy certification materials. The cheapest of other corporate email accounts was $0.99/month. It was not expensive, but I rarely sent emails. I just wanted to use it occasionally to show off. It was not my style to pay for it and not use it. It was too wasteful, so I started looking again, and I really found a free personal corporate email solution that suited my needs: resend.
The final solution is cloudflare+resend+gmail (the target mailbox for my cf email routing).
cloudflare email routing
This is mainly to solve the problem of receiving emails with your own domain name. For detailed configuration steps, please refer to my other article:Home Data Center Series Use Cloudflare to create a small mailbox with your own domain suffix.
resend
This is mainly to solve the problem of sending emails using your own domain name.
Introduction
resend is a professional and efficient email sending platform. You can think of it as a professional email sending agent. All emails sent through it are credible and can go directly into the inboxes of major email service providers (in simple terms, resend guarantees the emails sent; in more complex terms, resend provides DKIM verification). This is actually the same as a corporate mailbox with a custom domain name (but corporate mailboxes cost money, and I don’t have money~).
The most important thing is that resend has a free quota for sending emails for personal accounts:

100 emails a day, 3,000 emails a month, this is more than enough for normal personal emails. What's more, I just want to use it to show off occasionally. So this is the tool I have been looking for for a long time.
Register a resned account
Register a resend account (https://resend.com/signup):


Add and verify your domain


According to the prompts in the red box in the figure below, add the corresponding records in your domain name provider (cf in my case), and then verify the domain name:

Then it is divided into 2 cases:
1. If your domain name does not have any mailbox-related settings configured
Then just add 4 records according to the requirements in the red box in the above figure. After verification, STATUS turns to green Verified, as shown below:

2. If your domain name has already configured email-related settings
For example, if CloudFlare's email function is enabled, the following precautions apply:
1. The priority of the MX record in the above figure is 10, which is required by resend. If your domain provider has more than one MX record, such as the MX record automatically filled in by Cloudflare's email routing:

You need to make sure that the priority of the MX record used for electronic routing is higher than the priority of the MX record used by resend for authentication (10 in this example).
2. If you use the clouflare email routing function, in addition to multiple MX records, there will also be a SPF record in TXT format:
TXT example.com "v=spf1 include:_spf.mx.cloudflare.net ~all"
If you add a TXT record directly according to the requirements of resend at this time:
TXT send v=spf1 include:xxx.com ~all
You will find that it fails the verification. This is because there can only be one SPF record. If the previous one exists, the one added later will be invalid. Therefore, the solution is to add the "include:xxx.com" of resend to "~all" in the original SPF record instead of adding another SPF record.
3. You can also disable or delete the existing SPF and MX records (for example, stop the electronic routing function of Cloudlfare first), and then change them according to the first two precautions after the resend verification is completed (this is what I did, and it felt like the verification was passed in less than a minute).
Get the resend API and smtp server address



Get and save the SMTP server address, which is the key to sending emails with our own domain name in the future:

Note: There are many knowledge points related to emails. Most people don’t need to pay attention to the details. However, if you are not an ordinary person and are interested in the details, you can refer to an article I wrote before, which I spent a lot of time and energy on and finally found to be useless:Docker series builds a mail server based on poste.io.
send email
After using resend, there is no need to use gmail to send emails. Even if you use gmail to send emails, you can just treat gmail as a normal email client. But I haven't used an email client for a long time, so I'm too lazy to bother with it. I'll just use gmail to demonstrate:



Verify the added email address:

Click the link in the email to verify:



Test sending emails. The sender selects the email address with the domain name suffix that he just added:

Send an email to my QQ mailbox. QQ mailbox is still very representative. As long as the QQ mailbox can be put into the inbox, other domestic mailboxes are basically no problem:

Successfully entered the inbox:

But don’t be happy too soon:

To display the sent information, there is a red reminder below, which is too low-class. . I tried another email address, such as gmail, and there was no reminder:

icloud.com email did not remind:


It seems to be regional discrimination. Do all domestic mailboxes have this warning? I tried 163 mailbox:

There is also a reminder, but no warning. It seems to depend on the security policies of different email service providers. It is normal that China does not recognize the overseas mailing service, but this reminder is really a bit of a letdown. But I have to bear it. At least sending to overseas emails is very cool.
Further research on the issue of proxy payment
I was writing a summary, but I was a little unhappy and wanted to further study the issue of proxy mailing. In fact, the reason for the proxy mailing problem itself is very simple: it is the problem of DKIM (Domain Keys Identified Mail). In my previous article (Docker series builds a mail server based on poste.io) also mentioned the concept of DKIM and how to set it up in the mail server and DNS. I will not go into details here. If you are interested, you can search it online.
Simply put, the email provider that receives the email will use DNS to query the public key placed in the DKIM record by the owner of the sending domain name, and compare it with the content (digital signature) encrypted with the private key in the DKIM header of the received email (verify the digital signature). If the verification passes, it proves that the email is not forged.
In fact, no matter what kind of mail it is, you can see it in the email source code:
View the original email in gmail:

When I check the original text of an email in iCloud, I see "send.tangwudi.com" instead of "email.amazonses.com" as shown in Gmail?

You can see it directly in the text in your QQ mailbox.

Why are there two kinds of results? Let's analyze the original content of the email received by icloud.com:

There are many parameters in the DKIM signature. The ones needed here are s and d. However, the other parameters are also posted here in case you are interested:
-Indicates the DKIM version. -v=1a=rsa-sha256Indicates the signature algorithm. -d=example.comIndicates the sending domain. -s=defaultRepresents a selector for signing. -c=relaxed/relaxedIndicates the normalization algorithm. -h=from:to:subject:date:message-idIndicates the header field to be signed. -[email protected]Indicates the signing identity. -bh=The following part is the hash value of the message body. -b=The following part is the signature itself.
When icloud.com receives the email I sent, it will find two DKIM signatures in the original email. To prove the authenticity of the email, icloud will verify both DKIM signatures: perform a DNS query using the parameters after s and d. Taking the first DKIM signature as an example, a DNS query will be formed:resend._domainkey.tangwudi.com, and thentangwudi.comThe domain name hosting provider (in my case, it is cloudflare) is used for query.resend._domainkey, remember this record? It is resend that verifiestangwudi.comOne of the records added when the domain name is created is the DKIM record, which contains the public key generated in advance by resend. Query:resend._domainkeyYou can get this public key when you:

Then use the public key to verify the signature in the first DKIM (b=the string behind it). If the verification passes, it is considered that the email is indeed sent from tangwudi.com; similarly, test the second DKIM. If the verification also passes, it can be confirmed that it is indeed sent from amazonses.com.
For icloud.com (gmail and hotmail), since the email is ultimately sent from amazonses.com, if there is some kind of agreement or mutual trust policy, the email will be released directly without any prompts:

If it is a domestic mailbox, although it will be released, the specific path of the email return will be displayed, which is the email address we saw earlier. In fact, this is the address used when replying emails:

This is like the public IP and port behind the private IP address NAT. When communicating with the web server on the Internet, the web server sends the reply packet to this public IP and port. In this scenario, this address is used to reply to the email directly, and then resend replies the email to the corresponding relationship (similar to the session table in NAT).[email protected]In the process, the sending and receiving of emails are completed.
As for why gmail shows "email.amazonses.com" and others show "send.tangwudi.com", I can't guess.
After analyzing it this way, it seems that resend still does not have enough influence in China. However, I didn’t know about resend before, so it’s normal that it doesn’t have enough influence. . .
Summarize
How does using resend to send emails compare to using gmail itself? I have tried gmail's sending service before, but I felt that the success rate was very low and it was not practical, so I never used it again. I just thought about it and felt that it was not right. I took a closer look at the process of setting up gmail's sending service and found that it was really just a simple sending service, and it did not involve any DNS record verification issues at all. So it should be that the free gmail user's sending service cannot pass the DKIM verification of its own domain name (tangwudi.com in this article) like the emails sent by resend, so it will naturally be directly discarded or put into the spam box.
So at present, cloudflare+resend+gmai is the most affordable and free personal enterprise email solution: cloudflare email routing + gmai for receiving, cloudflare+resend for sending (although I used gmail's sending agent, I was just lazy and used gmail as an email sending client. Using resend's smtp server address, I can use any email client to send emails). Although there are reminders for receiving emails in domestic mailboxes, at least they can be put into the inbox~, which is much better than going directly into the trash or not being able to enter the trash at all before.
However, the rich don’t like this. The domestic mailboxes that send emails from real corporate mailboxes should not even have reminders. That is more classy. However, I have looked around corporate mailboxes and found no free ones. The cheapest one is $0.99/month (stealing the picture, if there is any infringement, please notify me to delete it):

I have no money, so I can only envy you. Which brother can try NameCheap corporate email at $0.99 a month? It’s really not expensive!
In addition: After being introduced by a netizen, I found another similar one: brevo. It is similar to resend, but has a free quota of 300 emails per day. If you think that resend's quota of 100 emails per day is not enough, you can try this one. The configuration is not difficult. The configuration and verification steps are similar to resend, so I will not repeat them. There are also online tutorials. It also supports marketing plans and many functions. Resend's main feature is simplicity. Each has its own advantages. The only difference is that the address displayed for sending emails is this: "[email protected]", which looks a bit weird, but it can also be sent to the inbox of QQ Mail. Everything else is the same. You can choose according to your needs.
I wonder what your current email experience is like? I recently wanted to change my email service. Although the free experience of NetEase Enterprise Email is OK, I just want to try it out.
I just use gmail mailbox, but I use cloudflare's mail routing to make it a domain name mailbox.
I've used NC's corporate email before, and the paid version was great, but it stopped working due to lack of business. Incidentally, the internet is all about sharing content, but your website even restricts copying text?
Haha, thanks for your attention! I completely agree that the internet is for sharing (otherwise, why would I write and publish in the first place), but "sharing" here refers more to quoting, recommending, and reposting with attribution. To protect my content from random copying and to avoid issues like scraping and SEO hijacking, I've restricted copying (after all, I've seen several sites directly reposting my articles in their entirety).
I just wanted to copy the full name of NC. As for the intentional copying of your content, you can't prevent it, but it will cause a very bad experience for users. By the way, the link in your email is also wrong:http://192.168.10.99:50443/technology/homedatacenter12243/#comment-28076, it is suspected to be your server's intranet IP, not the domain name.
I understand how you feel. I myself sometimes find it inconvenient, and I've been struggling with this issue for a long time. However, there's really no way to have the best of both worlds. The current approach is actually a compromise.
Regarding the intranet address, my primary server is at home, and I primarily manage it through the intranet. Therefore, the comment reply link displays the intranet IP. This issue wouldn't occur if I logged in using the domain name. However, since I use an active-active architecture—domain login requires shutting down the slave server connection, which I'm too lazy to bother with—I mostly reply directly in the comment section, so the impact isn't significant.
Is it possible to remove the reminder that the sender of the domestic mailbox sees that it is sent by xxxxx?
I've been struggling for hours and can't figure it out.
There is no way to remove this. The purpose of this trouble is just to allow the email to enter the inbox of the domestic mailbox. This xxxx forwarding service is a security policy of the domestic mailbox itself. Almost all emails sent by foreign forwarding services will be added with this prompt. This is a domestic feature. Foreign mailboxes will not have this.
Zoho's free plan supports 5 email addresses, which is enough, and also supports binding your own domain.
I really don't know this. I'll look into it. Thanks for the reminder.
I use resend's email service as the support for the email part of my blog comment system.
The amount is more than enough for a personal blog.
How can I get the content of the comment in the blog interface after sending a reply to this kind of email?
I'm not quite sure what you mean. Using this method to send emails essentially tells Resend that you own the domain name at that email address, allowing Resend to send emails on their behalf. When someone replies, Resend will forward the email to your associated email address. However, this doesn't directly relate to comments on the blog interface, unless the blog uses that email address to send notification emails.