Presently, I have it set up like below.

I'll put my question first, then you can see my configuration below.

So how I have it set up, all my mail from my other domains is forwarded to my main domain, but there is a spammer who has been sending mail through my web server. I think he's using a wordpress exploit to do it (even fresh installs of wordpress he still gets through). So I removed all the wordpress since it's not being used yet and it gets rid of the spammer.

However, I would like my mail to be completely used by google apps, not from my server at all.

I'm not sure if forwarding the domains to the google apps domain will stop mails from being able to be sent through my web server or not.

I'm also wondering if I should set up SPF and DKIM for each domain or not with the current configuration.

Alternatively I'm wondering if I should instead set up each domain as a secondary domain from within Google Apps, and then individually set up MX records, SPF, and DKIM for each other domain.


  • Have all mail be in one box, and be able to send from aliases in Google Apps, just like I do now.
  • Have NO MAIL AT ALL sent from Cpanel server
  • Have ALL MAIL sent through Google Apps ONLY
  • Have server configured so that if I put a contact form onto a website, either through wordpress or through generic PHP (like FSContact or Contact Form 7), it still sends through Google servers, NOT through my web server.
  • Make it impossible for spammers to send mail FROM my server via email addresses like "[email protected]".

My Configuration:

First, note that I do not have catchall enabled on my server.

Second, note that Google Apps IS configured for catch all, and it MUST BE (I need it). Of course I want to RECEIVE any mail from any email, I just don't want it SENT from [email protected]

Thirdly, let it be noted that I am on a shared server with a reliable web host. This also means I do not have access to do things like run lines of Linux code, nor do I want to.

For main domain (call it "mymaindomain.com"):
(which is in fact, an addon domain; the root domain for cpanel is forwarded to the addon domain.. i.e. aaa.com is root cpanel domain; bbb.com is set up for google apps; aaa.com, ccc.com, and ddd.com are forwarded to bbb.com)

  • Cpanel > MX Entry > Main domain > MX Records (see pic 1)
  • G-Apps > Generate Domain Key
  • Cpanel > Advanced DNS > Main domain > SPF, and DKIM for Google Apps (see pic 2)
  • ...Wait 24-48 Hours...
  • G-Apps > Activate DKIM Authentication

For all other domains on the server (addon domains):
Cpanel > Forwarders > Forward All Email for a Domain > Choose each domain TO mymaindomain.com
(see pic 3)

pic 1 mx records

pic 2 advanced dns

pic 3 mail forwarders

The other reason I took these screenshots is so that people coming here will see the properly set up configuration (for one domain mail, at least).

Other reason is so you can see my configuration to better help me.

1 Answer 1


So, I'm going to disregard some of what you put since I don't think it's relevant. You should have to do very little in cPanel. I'm going to focus on your end result of:

  • Have all mail be in one box, and be able to send from aliases in Google Apps, just like I do now.
  • Have NO MAIL AT ALL sent from Cpanel server
  • Have ALL MAIL sent through Google Apps ONLY
  • Have server configured so that if I put a contact form onto a website, either through wordpress or through generic PHP (like FSContact or Contact Form 7), it still sends through Google servers, NOT through my web server.
  • Make it impossible for spammers to send mail FROM my server via email addresses like "[email protected]".

There So, the preferred setup would be to have your main domain set up with your Google apps account, and add the aliases within Google Apps domain settings.



Then This:

enter image description here

Next, you'll want to set up the MX records for each domain to be the Google Apps MX records. This will be done in cpanel. You will not need to set the email forwarders in cpanel, since cpanel no longer will touch the mail.

The CNAME entries for ghs.googlehosted.com only need to be set up for the main domain, they will not work for the aliases. This is fine, since the sole reason you have those is so that you can go to mail.mydomain.com to log in to Google Apps.

Lastly, you'll want to change your php.ini file to put in the SMTP server settings for Google Apps. You can also configure your own php mailer. Since the mail function will use Google's own servers, you do not need a DKIM signature. It would be wise to set up your

You'll probably want to set up your SPF records for each domain as well.

Now from inside Google, you can send out mail on any domain, set up multiple aliases for the same inbox, and when your php applications send email they will send using Google's SMTP servers.

  • 1
    hahaha now I'm getting softfails from the [email protected] hahaha the hacker spammers have been defeated!!! :D :D :D hahah I get this error returned to me Received-SPF: softfail (google.com: domain of transitioning mydomain.com does not designate 999.999.999 as permitted sender) (I anonymized the error here of course) haha I WIN!!!
    – superuser
    Commented Feb 9, 2014 at 1:53
  • 1
    p.s. I didn't actually change the php.ini file. I just added the Google Apps domain aliases for each domain, and added the MX Records and SPF records for each domain.
    – superuser
    Commented Feb 9, 2014 at 1:57

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .