Front routes your shared-inbox replies through SendGrid, tagged “via sendgrid.net”, until you add the three deliverability records that make them authenticate as your domain.
Front sends through SendGrid, so authenticating a domain means adding three records from Front's Deliverability panel — an SPF TXT, a DKIM record, and an MX record at the front-mail subdomain (separate from your primary @ MX, so it doesn't touch inbound mail). Add all three and “via sendgrid.net” disappears from your From address and DMARC can align. Source: help.front.com · verified 2026-07-15
p=none and a rua address, watch reports for a week, confirm this sender shows 100% pass.No. Adding SPF includes and DKIM records only adds authentication — it never blocks existing mail. The only risky step is tightening your DMARC policy, and that comes later, after reports confirm everything passes.
Send yourself a test email and inspect the headers for spf=pass, dkim=pass and dmarc=pass — or just watch your DMARCKeeper dashboard: the sender's pass rate should hit 100% within a day or two.
Yes. SPF and DKIM authenticate mail; DMARC is what tells receivers to BLOCK mail that fails, and it's the piece Gmail, Yahoo and Outlook now check for explicitly.