Suggested readings: Email Channel Setup, Sender Management
Creating a subdomain for email campaigns allows the company to isolate traffic by type (e.g., marketing vs. transactional, promotional vs. transactional, etc.), speed up the IP warming process, and improve overall deliverability. If you use a domain and it gets blocked or added to the block list, it could also affect your personal email delivery and your hosted website. That's why Insider strongly recommends using a subdomain rather than the main/root domain.
This guide aims to provide the technical requirements for DNS Record setup, along with explanations of the following concepts:
- What is DNS?
- What are the types of DNS?
- What is DNS authentication in email marketing?
- How does Insider provide a DNS record?
- What are the customer's responsibilities for the DNS Setup?
- What are the required DNS records?
- How can customers configure the DNS records?
What is DNS (Domain Name System)?
DNS is a domain name system that stores and translates domain names into the associated IP addresses of the hosting server. When you search for a website by its domain name/URL in your browser, the browser checks the DNS server for the corresponding IP address to retrieve the web page.
What are the types of DNS?
DNS records contain information about the domain and are stored on DNS servers in several types: A Record, MX Record, TXT Record, CNAME Record, and NS Record.
A Record
A record has the IP address information of a specific domain and resolves the domain name to an IPv4 address. Similarly, the AAAA record stores the IPv6 address of a domain. IPv6 is an advanced version of IPv4 and offers more IP addresses.
MX Record
MX is a mail exchanger record. It specifies where the emails for a domain should be routed to. This is a guide that directs an email to a mail server. MX records should always point to another domain (i.e., mail server domain). An MX record must be published for any domain to receive emails. Also, in this record, priorities can be set. A lower-priority number means a higher preference.
TXT Record
In the TXT record, text can be stored in the DNS. TXT records can be used to confirm domain ownership, secure email, and prevent spam. For a domain, you can publish multiple TXT records.
CNAME Record
A Canonical Name record (CNAME) is an alias that points a domain to another domain, but not an IP address. The domain name that the alias points to is a Canonical name, and all DNS configurations will be resolved on the destination canonical domain itself.
NS Record
Name Server(NS) record specifies the authoritative DNS server of a domain and contains the address of the domain’s name server. This record tells the web browser where to find the domain’s IP address and other information.
What is DNS authentication in email marketing?
DNS authentication is the process of verifying the identity of an email sender. Authenticating the sending domain you use for email marketing will help prevent spoofing, phishing, and spamming activities on your emails.
Through DNS authentication, you can prove to your customers and mailbox providers that your mail is legitimate and safe. This will build the trust and reputation of mailbox providers, which will help improve the overall deliverability.
You can secure your emails with three essential types of authentication techniques: Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-Based Message Authentication, Reporting, and Conformance (DMARC).
Sender Policy Framework (SPF)
In the SPF record, you can specify which IP addresses or mail servers are authorized to send on behalf of your domain. Whenever a mail is received at the ISP end, they will check for the incoming IP in the SPF record that you publish in the DNS server. If the IP matches the list of IP addresses you added to the record, then SPF passes, or else it will fail, and the ISPs will reject all the emails.
ISPs check SPF on the Return Path domain. Through this authentication technique, you can prevent spoofing activities.
DomainKeys Identified Mail (DKIM)
DKIM provides the receiver or ISPs with a way to validate the domain’s identity. This helps verify that an email is from a legitimate sender. This record is like a passport that can validate who you are and where you are from.
This is an encrypted method of authentication. For the DKIM setup, a pair of public and private keys will be generated. The public key will be added to the domain’s DNS server, whereas the private key will be signed on each outgoing email. ISPs check if both keys match and will pass accordingly.
Domain-Based Message Authentication, Reporting and Conformance (DMARC)
DMARC is an extra layer of authentication that builds on SPF and DKIM. Through DMARC, you can set policies (p=none/reject/quarantine) and specify to mailbox providers how they should treat the emails if the authentications fail.
Using DMARC, you can get the failure (ruf) and aggregate (rua) reports to identify any spoofing or malicious activity happening on your domain.
How does Insider provide DNS Record (DNS Record format)?
Insider's Email product provides the DNS record in both TXT and CNAME formats. While setting up the email configuration, you can select Record Type as either TXT or CNAME.
If you choose to use CNAMEs or TXT for a subdomain to Insider, during the setup phase, Insider will provide the records to be placed in the customer DNS servers and will configure the corresponding values in Insider Campaign DNS servers.
DNS Setup
See below for the responsibilities of Insider and customer for DNS setup.
| Option | Description | Insider Responsibilities | Customer Responsibilities |
|---|---|---|---|
| Subdomain Configuration | Customer configures subdomain (example.useinsider.com) to Insider. In this scenario, Insider controls and maintains all aspects of DNS that are required for delivering, rendering, and tracking of email campaigns, and can deliver the campaign as a managed service. | Complete management of the subdomain and all DNS records required for the Insider campaign | Proper and accurate configuration of the subdomain to Insider |
| Use of CNAMEs | Customer creates a subdomain and uses CNAMEs to point to Insider-specific records. Using this setup, both Insider and customer share responsibility for maintaining DNS. | Management of DNS records required for the Insider campaign | Creation and control of the subdomain and creation/management of the CNAME records required for the Insider campaign |
Required DNS Records
See below for the purpose and examples of the required records.
| Record Type | Purpose | Examples of the record/content |
|---|---|---|
| MX | Specify mail servers for incoming messages | email.example.com 10 inbound.email.example.com |
| SPF (TXT) | Sender Policy Framework | email.example.com “v=spf1 redirect=__spf.campaign.insider.com” |
| DKIM (TXT) | DomainKeys Identified Mail | selector._domainkey.email.example.com |
| Reverse DNS (PTR) | Maps the customer's IP addresses to the customer's branded domain | 11.111.111.111.in-addr.arpa domain name pointer r11.email.example.com |
| CNAME | Provides an alias to another domain name | x1.email.example.com is an alias for x1.email.example.campaign.insider.com |
| DMARC Record | _dmarc.email.example.com | “v=DMARC1; p=none; rua=mailto:mailauth-reports@youremail.com” |
Configure DNS Records
The following is an example case for the verycoolbusiness.com domain (root domain) and email.verycoolbusiness.com subdomain configured on GoDaddy.
Sender Management allows users to configure and manage the email addresses and domains used for sending emails. It includes adding and verifying sender domains, setting up DNS records (CNAME, DMARC), and managing sender addresses.
Keep in mind that your own DNS records will differ from the sample DNS records of the example case and that you should adapt the following to your own domain and subdomain.
To configure your DNS records, follow these steps:
1. Log in to your domain registrar or DNS Host Zone. In this example case, we use the GoDaddy panel.(1).png)
2. Navigate to the DNS Management section for your root domain. In this example, the root domain is verycoolbusiness.com.(1).png)
Below is the DNS record for the example root domain verycoolbusiness.com.
| Type | Host | Value |
|---|---|---|
| CNAME | em4855.verycoolbusiness.com | u7281236.wl237.sendgrid.net |
| CNAME | s1._domainkey.verycoolbusiness.com | s1.domainkey.u7281236.wl237.sendgrid.net |
| CNAME | s2._domainkey.verycoolbusiness.com | s2.domainkey.u7281236.wl237.sendgrid.net |
| CNAME | _dmarc.verycoolbusiness.com | _dmarc. useinsider.email |
| CNAME | 5vfgj23xycnd.verycoolbusiness.com | gv-4t6ahgyknyxvl7.dv.googlehosted.com |
3. Click the Add New Record button to add the first DNS record as follows:
Type: CNAME
Host: em4855
Value: u7281236.wl237.sendgrid.net.
TTL: 1/2 Hour(1).png)
Click the Save button to save your record.
4. Add the second DNS record in a similar way:
Type: CNAME
Host: s1._domainkey
Value: s1.domainkey.u7281236.wl237.sendgrid.net
TTL: 1/2 Hour.
(1).png)
Click the Save button to save your record.
5. Add the third DNS record:
Type: CNAME
Host: s2._domainkey
Value: s2.domainkey.u7281236.wl237.sendgrid.net
TTL: 1/2 Hour(1).png)
Click the Save button to save your record.
6. Add the fourth DNS record as follows:
Type: CNAME
Host: _dmarc
Value: _dmarc.useinsider.email.
TTL: 1/2 Hour
(1).png)
Click the Save button to save your record.
7. Add the fifth and final DNS record as follows:
Type: CNAME
Host: 5vfgj23xycnd
Value: gv-4t6ahgyknyxvl7.dv.googlehosted.com.
TTL: 1/2 Hour
(1).png)
Click the Save button to save your record.
Add DNS record for a subdomain in CNAME format
The DNS record mentioned below for the example subdomain email.verycoolbusiness.com is in CNAME format.
Below is the DNS record for the example subdomain email.verycoolbusiness.com.
| Type | Host | Value |
|---|---|---|
| CNAME | em6640.email.verycoolbusiness.com | u7281236.wl237.sendgrid.net |
| CNAME | s1._domainkey.email.verycoolbusiness.com | s1.domainkey.u7281236.wl237.sendgrid.net |
| CNAME | s2._domainkey.email.verycoolbusiness.com | s2.domainkey.u7281236.wl237.sendgrid.net |
| CNAME | _dmarc.email.verycoolbusiness.com | _dmarc. useinsider.email |
| CNAME | z6zk4x274eom.email.verycoolbusiness.com | gv-pgybkfjmy3qscp.dv.googlehosted.com |
1. Log in to your domain registrar or DNS Host Zone. In this example case, we use the GoDaddy panel.(1).png)
2. Navigate to the DNS Management section for your root domain. In this example, the root domain is verycoolbusiness.com.(1).png)
3. Click the Add New Record button to add the first DNS record as follows:
Type: CNAME
Host: em6640.email
Value: u7281236.wl237.sendgrid.net.
TTL: 1/2 Hour(1).png)
Click the Save button to save your record.
4. Add the second DNS record similarly:
Type: CNAME
Host: s1._domainkey.email
Value: s1.domainkey.u7281236.wl237.sendgrid.net.
TTL: 1/2 Hour.png)
Click the Save button to save your record.
5. Add the third DNS record as follows:
Type: CNAME
Host: s2._domainkey.email
Value: s2.domainkey.u7281236.wl237.sendgrid.net.
TTL: 1/2 Hour
Click the Save button to save your record.
6. Add the fourth DNS record:
Type: CNAME
Host: _dmarc.email
Value: _dmarc.useinsider.email.
TTL: 1/2 Hour
(1).png)
Click the Save button to save your record.
7. Add the fifth and final DNS record:
Type: CNAME
Host: z6zk4x274eom.email
Value: gv-pgybkfjmy3qscp.dv.googlehosted.com.
TTL: 1/2 Hour
(1).png)
Click the Save button to save your record.
Add DNS record for a subdomain in TXT format
To add the DNS in TXT format, change the record type from CNAME to TXT. The following table displays the records for the example subdomain email.verycoolbusiness.com.
| Type | Host | Value |
|---|---|---|
| MX | ins.email.verycoolbusiness.com | mx.sendgrid.net |
| TXT | ins.email.verycoolbusiness.com | v=spf1 include:sendgrid.net ~all |
| TXT | ins._domainkey.email.verycoolbusiness.com | k=rsa; t=s; p=your public key |
| TXT | _dmarc.email.verycoolbusiness.com | _dmarc. useinsider.email |
| TXT | email.verycoolbusiness.com | google-site-verification=b5nfYiUT4QYhxJoBfUS3MHUPwK6tQsExpT0VZ1eEOeE |
Reply-To Address (Domain)
The purpose of the “reply-to address” field is to allow the recipient to reply to a different address than the “from address”. Reply-to address is not a required field, however, Insider strongly recommends the “reply-to address” be valid and linked to a monitored mailbox.
The customer must host this mailbox. It could be a support mailbox such as customercare@customer.com, where emails are read and responded to.
When the “reply-to address” is not set up correctly, replies will not be sent, and Insider also does not offer the ability to auto-reply or auto-forward emails received in this mailbox.
For the “reply-to address”, there is no need to add a specific DNS record likewise “from email address”.
Video: Configure DNS settings for your subdomain
This video shows how to configure DNS settings for your subdomain: