Identity Verification
- HelpCenter
- Identity Verification
How to add and verify Sending Domain?
To send emails with Sendimpactt using your own domain, you first need to verify and authenticate it. This process is quick and easy, and it’s important to do it in order to ensure that your emails are delivered to your recipients’ inboxes.
Although each provider has their own format for accepting records, all platforms will provide the following options needed for Sendimpactt for domain verification.
- Domain verification: Adding “emarketing” DNS record specifies how email messages from your domain are authenticated, helping improve deliverability and protect against spoofing.
- DKIM Verification: DKIM (DomainKeys Identified Mail) verification adds a digital encrypted signature to emails, allowing recipients to verify that the email was sent by an authorized server and hasn’t been tampered with.
- SPF Verification: SPF (Sender Policy Framework) verification checks that incoming emails are sent from servers authorized by the domain’s DNS records, helping to prevent email spoofing.
- DMARC Verification: DMARC verification of a domain is an email authentication protocol that helps prevent spoofing by ensuring emails are properly authenticated and allows domain owners to set policies on how to handle unauthenticated messages
Please note that you need to have access to the domain DNS Records so you can complete the following steps.
Navigate to Setting by clicking on the user icon on the top right side of any screen.
To add these DNS records, you will need to log in to your domain registrar’s website and locate the DNS settings for your domain.
After adding the records, click Verify Domain Once the records have been propagated, your domain will be verified and ready to use
How to configure the DNS settings of your domain ?
Please note important instructions and tips for configuring DNS records of your domain.
Go to DNS records setting of your domain hosting and add new DNS records as shown below.
- SPF record:
- Select DNS record type as TXT
- HOSTNAME value as @ (Some email domain providers do not support @. In that case, try entering your domain name, like mydomain.com or leave the field blank while adding this DNS record)
- For value field, paste SPF value copied from your Sendimpactt account.
- DKIM record:
- Select DNS record type as TXT
- HOSTNAME value as _domainkey
- For value field, paste DKIM value copied from your Sendimpactt account.
- DMARC record:
- Select DNS record type as TXT
- Enter HOSTNAME value as _dmarc
- For value field, paste DMARC value copied from your Sendimpactt account.
- eMarketing record:
- Select DNS record type as TXT
- HOSTNAME value as emarketing
- For value field, paste value copied from your Sendimpactt account.
Once all needed DNS records added , go to your Sendimpactt account settings and validate the domain. Please note that, it may take up to 24 hours for DNS records to propagate.
If your domain is not verified, please allow time for DNS records to propagate and then try validating the domain again.
SPF/DKIM parameters
How does SPF work?
Sender Policy Framework or SPF follows below steps to ensure security of your email sending domains.
- Your DNS has SPF records that list all of your domain’s authorized IP addresses or servers.
- Whenever an email is sent from your domain, the receiving email server checks these records.
- If the sender’s IP address (or server) matches one on the list, the email is authenticated. Emails that pass SPF authentication can reach their destination inboxes, while those that fail might not.
You can include the SPF/DKIM parameters in your DNS settings. SPF (Sender Policy Framework) is a DNS text entry which provides a list of servers that should be considered allowed to send emails for a specific domain.
How does DKIM work?
- An email sent from your domain is signed with your private key.
- To verify the signature, the receiving email server retrieves the public encryption key found in the DKIM records on your DNS. Authentication occurs if the signature and key pairs match.
- If an attacker tried to modify the email during transit, this signature would fail to verify.
- The receiving server would see this as evidence of tampering and mark the email, protecting the end receiver from a potentially malicious email.
- You can see both SPF and DKIM values in the “Domains” branch of the “Settings” section.
Include these records into your provider’s DNS settings – when you’re done with the implementation, come back to the domains section and click “Verify SPF and DKIM records” and “Check records“. If records were embedded correctly, you will see green checkmarks.
Each hosting solution has a different interface and various methods of how SPF and DKIM are configured. Therefore, we have collected some links of the most popular hosting solution supporting articles on how it’s done. Hope it’ll come in handy.
Please find your hosting provider:
- 1&1 -> How to add SPF and DKIM records in 1&1.com?
- A2 Hosting -> How to manage e-mail deliverability settings
- Amazon Web Services -> Supported DNS Record Types
- BigCommerce -> How to Set DNS records for BigCommerce?
- Blue host -> How to add a DNS Record?
- Dnsmadeeasy.com -> CNAME Record and Create a TXT Record
- Dreamhost -> How do I add custom DNS records?
- GoDaddy -> How to add an SPF record? and How to create a CNAME for DKIM? (IMPORTANT. If you’re implementing the DKIM via Godaddy.com the host value is “sender._domainkey” and set the SPF host as “@”).
- Google Domains -> DNS basics
- GreenGeeks -> How to Enable Email Authentication
- Hostgator -> How to create a DNS record?
- Hostinger -> How to Enable or Add SPF records? and How to add DKIM record?
- Hover -> Managing DNS records
- Inmotionhosting -> How to add a DNS record?
- IONOS -> Configuring a CNAME record and Creating an SPF record
- iPage -> How to add, edit and delete DNS records?
- Namecheap -> How do I add TXT/SPF/DKIM/DMARC records for my domain?
- Networksolutions -> How Do I Manage DNS and Advanced DNS Records?
- Nexcess -> How to enable DKIM?
- Shopify -> Editing the DNS settings
- Squarespace -> DNS settings
- SiteGround -> How to configure SPF, DKIM and DMARC records?
- StableHost -> How to add a CNAME record?
- Truehost -> How to set up Truehost Free DNS
- Webcentral -> Creating CNAME zone records and Creating TXT/SPF Zone records
- WebHostingHub.com -> Add DNS Record
- WestHost -> SPF/DKIM Record
- Wix -> Managing DNS records
- WordPress -> Manage Your DNS Records
- WP Engine -> DMARC Policies for Email Deliverability
- Yola -> Managing DNS records for your domain
If you could not find your hosting provider on the list, please contact your provider directly for support.
DMARC
In addition to DKIM, it’s crucial to set up a DMARC (Domain-based Message Authentication, Reporting, and Conformance) policy for your domain. DMARC is an email authentication method designed to verify the authenticity of email messages, ensuring they are sent from legitimate sources. This helps protect both senders and recipients from phishing, spamming, and spoofing attacks.
DMARC works alongside DKIM to evaluate the legitimacy of email messages. When both DMARC and DKIM are correctly configured, you can confidently send emails through an email service provider like Mailchimp Transactional.
At a minimum, your DMARC policy should be set to “p=none” in relaxed mode. This setting indicates that emails failing authentication should still be delivered normally.
To set up DMARC for your domain:
- Access your domain’s DNS settings.
- Add a TXT record named “_dmarc.yourdomain.com” (Replace “yourdomain.com” with your actual domain name).
- In the TXT record value, include the following: “v=DMARC1; p=none” (You can add additional parameters for stricter policies if needed).
Ensure that your DMARC record is valid by using the “Test DNS Settings” feature on your Sending Domains page.
By implementing DMARC alongside DKIM, you enhance the security of your email communications and reduce the risk of unauthorized usage of your domain for malicious purposes. Be sure to regularly monitor and update your DMARC policy as needed to maintain the integrity of your email authentication practices.
