Envio de correo electrónico con SendGrid y React JS

Estoy desarrollando una aplicación web en ReactJS, la funcionalidad es que al momento de enviar el formulario se envíe un correo a quien ha llenado el formulario. He logrado hacerlo con express para usarlo de forma local, pero al momento de hacer deploy, he tenido este error, el API KEY lo generé de esta manera

introducir la descripción de la imagen aquí

Y al hacer la implementación, me sale este error

introducir la descripción de la imagen aquí

Quería saber si tienen otra herramienta que les sirvió o si han usado SendGrid y han visto este error al usarla.

SendGrid emails ignoring SPF records for mass phishing attempts

Recently we have encountered 2 instances of mass phishing attempts from 2 accounts using SendGrid although the SPF is published as hard fail for both without SendGrid records and only for the mail servers authorized to send.

To elaborate on the details, we encountered this during the investigation of multiple email incidents, lets take two domains abc.com and def.com – abc.com is on O365 while def.com is on premises (Exchange 2016). Unfortunately through phishing attacks the malicious attackers were able to compromise 1 account each from both domains and then used this to register on SendGrid (email header analysis shows SendGrid servers sending out emails), using this they were able to send out mass phishing emails from SendGrid to external users and Gmail, Yahoo and other corporate domains etc. although SPF records published as hardfail only specified O365 and on premises exchange IP’s for the domains respectively.

Quite surprised as how these emails were able to make it to the inbox of the recipients although there is no SPF, DKIM etc. set authorizing SendGrid. There is only an SPF record configured as mentioned earlier for either O365 or on-premises which is weird since it’s for both O365 cloud based and on-premises services, ruling out any cloud to cloud integrations etc. between O365 and SendGrid. There seems to be an increase in these types of attacks lately where a compromised account is used to create an account and have it verified it on SendGrid and then used for mass mailer (phishing) activities from those domains.

I was wondering if someone could shed some light on this as there is no DKIM for signing the domains, there is no SPF authorizing SendGrid and is set to -all (hardfail) but yet with the compromised accounts they are able to send out phishing emails through SendGrid by simply registering with them using the compromised accounts. We tested this out on a lab scenario and were able to replicate this on O365 and on-premises by sending emails to Gmail etc. which were received in the inbox by registering with SendGrid and with no DNS records authenticating or authorizing SendGrid to send on behalf of the domains.

Many Thanks.

SendGrid correos a SPAM

estoy utilizando sendgrid para enviar correos desde NodeJS, los correos los recibo sin problemas en mi servidor de la empresa, pero en otra empresa que recibe los mismos correos se van a SPAM, porque puede suceder esto, si tengo autenticado el dominio. Que puede causar que se reciban en SPAM

How do I configure the Sendgrid Integration module?

I have two Drupal 8 sites. Both have sendgrid integration installed via composer and both are using the same version (1.2). I have a Sendgrid account created and an API Key has been saved to the config for both sites.

The problem is that only one site is able to send mail while the other fails. I tested the functionality by sending test emails to myself and the site that failed always gave this error.

No API Secret key has been set

I’ve traced the error to the following code where the first if statement always fails.

$  site_config = $  this->configFactory->get('system.site'); $  sendgrid_config = $  this->configFactory->get('sendgrid_integration.settings');  $  key_secret = $  sendgrid_config->get('apikey'); if ($  this->moduleHandler->moduleExists('key')) {   $  key = \Drupal::service('key.repository')->getKey($  key_secret);   if ($  key) {     $  key_value = $  key->getKeyValue();     if ($  key_value) {       $  key_secret = $  key_value;     }   } } 

I’m confused because this is only happening on one of my sites, not on both even though they are configured the same way. Does anyone know what might be causing this issue?

SendGrid sent to spam on internal domain

I’m using SendGrid with a whitelabel to send email from my domain name, a-non-existent-account@example.com. The whitelabel works perfectly for outside delivery, but when sending to an inside account on O365 internal.user@example.com the messages are trapped in the O365 spam filter.

The headers are showing a passing dkim for my traffic, which I should be able to build a transport rule on but I have no idea how to do it.

Authentication-Results: spf=pass (sender IP is 208.117.55.133) smtp.mailfrom=whitelabel.example.com; example.com; dkim=pass (signature was verified) header.d=example.org;example.org; dmarc=temperror action=none header.from=example.org;compauth=pass reason=111 

I’m thinking I need a transport rule based off the whitelist Authentication-Results header, but I’m at a loss as how to do it. I don’t want to have to pay for a static IP from SendGrid unless absolutely necessary.

This is really a tiny issue in the grand scheme, but really annoying at the same time.