Enter your idea

Obviously the ideal solution here is to allow users to add their own email server settings. FWIW, Quickbooks desktop has done this for at least 12 years, probably longer. In the Send Forms preferences, you can specify common providers (gmail, yahoo, etc), but you can also set up your own email server. ours requires SSL and authentication. Your password is requested the first time you send an email in a session and remembered until you log out. See attached.

As far as the complexity, let people decide for themselves. We have used Quickbooks to email invoices for years and have SPF/DKIM configuration all dialed in with our web host, who also hosts our email server. It wasn't complicated or hard to set up at all.

My suggested solution to this:

Allow users to optionally enter SMTP server details, so that Xero then sends email via the user's SMTP server. This would allow users to use their existing SPF/DKIM configuration and take ownership of deliverability and the return path.

The only settings required would be: host, port, username, password, encryption method.

The user could set up SMTP using their preferred service, e.g:

https://www.mailgun.com/products/send/smtp/
https://docs.aws.amazon.com/ses/latest/dg/smtp-connect.html
https://postmarkapp.com/smtp-service
https://mailchimp.com/developer/transactional/docs/smtp-integration/
https://support.microsoft.com/en-gb/office/pop-imap-and-smtp-settings-8361e398-8af4-4e97-b147-6c6c4ac95353
https://apps.google.com/supportwidget/articlehome?hl=en&article_url=https%3A%2F%2Fsupport.google.com%2Fa%2Fanswer%2F2956491%3Fhl%3Den&assistant_id=generic-unu&product_context=2956491&product_name=UnuFlow&trigger_context=a

Absolutely agree with Christopher. If someone can’t do it, they can hire IT pros. We setup this for Stripe without any issues and never contacted their support.
As for Xero competitors not doing any better, I believe QuickBooks allows to use gmail for sending invoices from your own email address. This is probably not the best way of doing it, but better then nothing.

At least give the choice! If companies cannot configure their SPF then that is their problem and it should not hold back the rest of us....

Dear Jane,

As part of the global war against spammers, all emails should be sent from a domain name with valid SPF and DKIM configured. Xero are sending from "post.xero.com" so that they can control the SPF and DKIM for the sending domain. if they allowed users to send from Xero's mail servers using their own domain name, they would have to provide a way that users could correctly configure their own domain names with the right SPF setting, and including the right DKIM public key, otherwise deliverability of outgoing emails would be worse than at present. Xero may be reluctant to do this because it might generate lots of unwanted tech support tickets from users who're struggling with this. There are ways they could do this in a manageable fashion, but it would require expert project planning. There appears to be a lack-of-will at Xero to even look at this. Perhaps because their competitors aren't doing any better in this respect?

We have had to resort to using the following text on all our quotes now because xero regularly autofills the reply-to email with its own! This must be a really bad advert for xero as it is read by all our customers.......
'When replying to this email please check the reply address is info@xxxxxx.co.uk Sometimes the email will autofill with messaging-service@post.xero.com. This email address is not monitored, xero do not notify us, and we will not receive it. If you place an order and do not hear back from us within 48hrs please get in touch as we may not have received your email.

Our clients pay online. When you send the email from Xero, the email is HTML formatted and includes buttons to the payment link and to a page where the client can view their past/overdue invoices. It also merges in stuff like the client name automatically. It looks nice.

Yes, we could do something similar manually but it's a lot of work per email compared to just clicking a button from the invoice page. I'm just suggesting that the same thing could be done from the Xero UI, to automatically fill out a new email, already formatted to match the template in Xero, with buttons and maybe a PDF attachment. It saves several steps and a bunch of copy/pasting/editing of boilerplate text that you'd have to keep handy, if you did it the way you describe.

Sure, I had assumed you could just download the pdf invoice and send it out anyway in your use case......

@Christopher Dunham: It may not work for your use case, but it would work for ours and many others. We invoice our customers individually. As I said, a workaround. I'd prefer that the emails just go through our server as well but this would be a quick and easy way for them to implement something that works for individual emails.

Perry - thats not going to work for any companies which automate their invoices. We rarely send out an invoice individually.

This issue is such a shame as other than this Xero is great, but its all for nothing if clients dont get the invoices

There is a relatively simple solution to this, or at least a workaround that doesn't require Xero to send the mail through your own SMTP server: All Xero needs to do is create a mailto link that pre-populates your local mail application. Here is a simple example: https://htmlf1.com/snippet/create-mailto-link-with-pre-populated-content

This is something that Quickbooks did for a long time and maybe still does. Basically it creates a new email with the To, CC, even BCC fields, the subject line, and the body pre-populated with the template text. Your default email program opens up with a new email already filled out and ready to send. I'm not sure if it's possible to attach a PDF to it, but it should work for online payment emails, and worst case, Xero could generate a PDF as part of the process so you can manually attach it.

As a bonus, this could also address the issue here: https://productideas.xero.com/forums/939198-for-small-businesses/suggestions/45150577-contacts-allow-multiple-addresses-for-a-single-c

We are still experiencing a high volume of invoices and quotes not reaching our customers due to their servers automatically marking xero invoices as spam! It is getting really inconvenient particularly when customers accept a quote but the email is not sent to us - they think they have made an order and sometime down the road realise they havent.
We have been looking at quikbooks which doesnt have this issue

The majority of our invoices sent from Xero land in clients' spam folders.

Asking clients to mark @xero.com as a safe sender is not a solution.

Please allow Xero users to specify SMTP details for outgoing mail.

Duty of care liability

Q1 - If a XERO customer loses money through fraud that is attributable to lax security in their financial product, can they seriously defend a negligence claim ?

I assert that XERO should be as accountable as a bank. The money is not in a bank account that XERO has - but if it is fraudulently taken from an account through lax security provided by XERO, there must be a strong argument that they do have a defacto duty of care as the intermediary.

There are public records on XERO website going back 10 years with many customers nearly raging at this security issue and how easy it is to fix. Most of the companies I also engage with have this feature, so it's a no-brainer really.

The world is a nightmare for security with hackers trying to insert them in all parts of the business chain. XERO has passwords (standard) and 2FA (standard) but no SMPT AUTH emails (standard for others).

Maybe a lawyer or two could chip in here as to the liability ramifications if a customer does everything right and unauthenticated (easily phished) emails are the cause of a supply chain attack where someone loses a million dollars.

I recently chased this as high as I could go through XERO staff and were told that "this is not even on a roadmap for developments but we can leave a +1 in the comments section if we like". It's at 102 now, maybe next year it'll get to a number high enough to notice.

Food for thought.

We've used Quickbooks for 20+ years and just switched to Xero. I'm kind of floored that I can't sent invoices through our mail server. This is basic stuff - please make it so that the user can use their own SMTP server (authenticated) for outgoing emails. I sent 5 invoices out today and just found out that 2 were filtered to spam. That's not good.

About 80% of our invoices are paid late. Xero admitted this fact by doing the "Get paid on time" challenge recently. Instead of wasting time on something that will have little effect or no effect at all, perhaps it would be better to analyse the root causes of this issue.

Most of our clients don't take seriously emails that are coming from a different address, some just ignore them thinking it's a scam or some never saw them because they were marked as spam.

So, Xero, perhaps 10 years is enough to keep silent and you can finally start working on tools your clients desperately need.

We recently tested QuickBooks and seriously considering switching to them. I'm not saying they don't have any issues, but their subscription is much cheaper, so we'll get more value for our buck.

This is vital for our client delivery and security.

Indeed. As all invoices for every Xero customer come from the same email address, it only takes someone flagging some *other* company's invoices / statements as 'spam', and they have inadvertently flagged ALL incomng invoices from ALL Xero customers as spam as well.

Note to Xero technical team : I'm aware that there are some technical challenges in implementing this properly, including the need not to generate a tsunami of customer support tickets, but I am an expert in this field, and I have a number of ideas how you can address this issue without it turning into a customer-support desk nightmare.

This is severely needed.

We have some senders that never even get our invoices. The deliverability from the default address is terrible.

Xero just don't get it, do they?

How about we explain it this way:
"From now on Xero, all of *your* monthly service invoices will be sent out not from an @xero.com email address, but from message-service@room101.co.uk (ie a random-looking email address) Would your head of marketing/branding be OK with this? Would your head of credit control be OK with the drop in prompt payments caused by this? Would your head of customer support be OK with the huge increase volume of trouble-tickets this would generate? Would your shareholders be OK with the increase in debtors ledger, bad debts and annual write-downs of uncollectible historical invoices caused by this?