I use the Swiftmailer lib to send mail in php, such as:
$transporter = Swift_SmtpTransport::newInstance('smtp.gmail.com', 587, 'tls')
->setAuthMode('login')
->setUsername('[email protected]')
->setPassword('password');
$mailer = Swift_Mailer::newInstance($transporter);
I use Gmail Workplace and am trying to understand and setup SPF at my webb host (not Google). Should I setup a gmail SPF or an SPF for my own IP adress to avoid having mails sent via php on my server, but with gmail SMTP, marked as spam?
You're already authenticating with credentials against smtp.gmail.com, so your own IP address is irrelevant for SPF configuration. SPF is checked by receiving servers, where the IP address of the connecting server (Google) is checked against the SPF list in the domain found in the
Return-Pathheader.Google is then relaying your message to it's destination recipient(s) on your behalf. Thus Google's IP should be in the SPF record for the domain you use in the
Return-Pathheader (a.k.a. bounce address or smtp.mailfrom).So, to answer your question: For the domain you use to send email from (as the
Return-Pathaddress), you should include the gmail servers as authorized hosts. Assuming you don't use any other services, that SPF record would look like:"v=spf1 include:_spf.google.com ~all", as described in this Google support article.And as per Jake's comment, indeed you should consider implementing DKIM and DMARC as well, because relying on SPF alone for protection against spoofing is not sufficient and is not resilient against email forwarding. The same documentation, a few levels up, lists all required actions to accomplish that.