- 12 Dec 2023
- 8 Minutes to read
Configuring DNS Settings for Email
- Updated on 12 Dec 2023
- 8 Minutes to read
This guide aims to provide the technical requirements for DNS Record setup along with explanations to the following concepts:
- What is DNS?
- Types of DNS
- What is DNS authentication in email marketing?
- How does Insider provide DNS record?
- DNS Setup
- Required DNS Records
- How to configure DNS records
Creating a subdomain for email campaigns allows the company to isolate varying types of traffic (e.g. marketing vs. transactional, promotional vs. transactional vs. other types, etc.), speeds up the IP warming process, and improves deliverability overall. If you use a domain and it gets blocked or added to the block list, it could impact your personal mail delivery and hosted website as well. That's why Insider strongly suggests using a subdomain instead of the main/root domain.
What is DNS (Domain Name System)?
DNS is a domain name system that stores and translates the domain names into the associated IP addresses of the hosting server. When you search with a domain name/URL in your browser for a website, then the browser checks for the respective IP address in the DNS server to retrieve the information of the web page.
Types of DNS
DNS records contain information about the domain and are stored in the DNS server in different types: A Record, MX Record, TXT Record, CNAME Record, and NS Record.
A Record
A record has the IP address information of a specific domain, resolves the domain name to an IPv4 address. Similarly, AAAA record stores the IPv6 address of a domain. IPv6 is an advanced version of IPv4 and offers more IP addresses.
MX Record
MX is a mail exchanger record. It specifies where the emails for a domain should be routed to. This is a guide which directs an email to a mail server. MX records should always point to another domain (i.e. mail server domain). For any domain to receive the emails, an MX record must be published. Also, in this record, priorities can be set. Lower priority number means highest preference.
TXT Record
In this record, text can be stored in the DNS. TXT records can be used to confirm the domain ownership, secure the emails and prevent spam. For a domain, you can have multiple TXT records published.
CNAME Record
Canonical Name record (CNAME) Record is an alias that points a domain to another domain but not an IP address. A domain name that the alias points to is a Canonical name, and all the DNS configurations will be resolved on the destination canonical domain itself.
NS Record
Name Server(NS) record specifies the authoritative DNS server of a domain, and contains the address of the domain’s name server. This record tells the web browser where to go to find out the domain’s IP/information.
What is DNS authentication in email marketing?
DNS authentication is a process of verifying the identity of an email sender. Authenticating the sending domain that you use for email marketing will help in preventing spoofing, phishing and spamming activities on your emails.
Through DNS authentication, you can prove to your customers and mailbox providers that your mails are legitimate and safe.This will build the trust and reputations at mailbox providers, which helps in improving the overall deliverability.
You can secure your emails with 3 important types of authentication techniques: Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-Based Message Authentication, Reporting and Conformance (DMARC).
Sender Policy Framework (SPF)
In SPF record, you can specify which IP addresses or mail servers are authorized to send on behalf of your domain. Whenever a mail is received at the ISP end, they will check for the incoming IP in the SPF record that you publish in the DNS server. If the IP matches with the list of IP addresses that you added in the record, then SPF passes, or else it will fail and all the mails will be rejected by the ISPs.
ISPs check SPF on the Return Path domain. Through this authentication technique, you can prevent spoofing activities.
DomainKeys Identified Mail (DKIM)
DKIM provides the receiver or ISPs a way to validate the domain’s identity. This way, DKIM helps in verifying that an email is from a legitimate sender. This record is like a passport that can validate who you are and where you are from.
This is an encrypted way of authentication. For the DKIM set up, a pair of public key and private keys will be generated. The public key will be added in domain’s DNS server whereas the private key will be signed on each outgoing email. ISPs check if both the keys are matching and will pass accordingly.
Domain-Based Message Authentication, Reporting and Conformance (DMARC)
DMARC is an extra layer of authentication that builds on SPF and DKIM. Through DMARC, you can set policies (p=none/reject/quarantine) and specify to mailbox providers on how they should treat the emails if the authentications fail.
Using DMARC, you can get the failure (ruf) and aggregate (rua) reports to identify any spoofing or malicious activity happening on your domain.
How does Insider provide DNS Record (DNS Record format)?
Insider's Email product provides the DNS record in both TXT and CNAME formats. While setting up the email configuration, you can select Record Type as either TXT or CNAME.
If you choose to use CNAMEs or TXT for a subdomain to Insider, during the setup phase, Insider will provide the records to be placed in the partner DNS servers and will configure the corresponding values in Insider Campaign DNS servers.
DNS Setup
See below for responsibilities of Insider and Partner for DNS setup.
Option | Description | Insider Responsibilities | Partner Responsibilities |
---|---|---|---|
Subdomain Configuration | Partner configures subdomain (example.useinsider.com) to Insider. In this scenario, Insider controls and maintains all aspects of DNS that are required for delivering, rendering, and tracking of email campaigns, and can deliver the campaign as a managed service. | Complete management of the subdomain and all DNS records required for the Insider campaign | Proper and accurate configuration of the subdomain to Insider |
Use of CNAMEs | Partner creates a subdomain and uses CNAMEs to point to Insider -specific records. Using this setup, both Insider and Partner share responsibility for maintaining DNS. | Management of DNS records required for the Insider campaign | Creation and control of the subdomain and creation/management of the CNAME records required for the Insider campaign |
Required DNS Records
See below for the purpose and examples of the required records.
Record Type | Purpose | Examples of the record/content |
---|---|---|
MX | Specify mail servers for incoming messages | email.example.com 10 inbound.email.example.com |
SPF (TXT) | Sender Policy Framework | email.example.com “v=spf1 redirect=__spf.campaign.insider.com” |
DKIM (TXT) | DomainKeys Identified Mail | selector._domainkey.email.example.com |
Reverse DNS (PTR) | Maps the partner’s IP addresses to the partner’s branded domain | 11.111.111.111.in-addr.arpa domain name pointer r11.email.example.com |
CNAME | Provides an alias to another domain name | x1.email.example.com is an alias for x1.email.example.campaign.insider.com |
DMARC Record | _dmarc.email.example.com | “v=DMARC1; p=none; rua=mailto:mailauth-reports@youremail.com” |
How to configure DNS Records
Your Onboarding Workspace document will contain the DNS records that you must configure before starting to send emails via Insider.
The following is an example case for the verycoolbusiness.com domain (root domain) and email.verycoolbusiness.com subdomain configured on GoDaddy.
Keep in mind that your own DNS records will differ from the sample DNS records of the example case, and that you should adapt the following to your own domain and subdomain.
To configure your DNS records, follow these steps:
1. Log in to your domain registrar or DNS Host Zone. In this example case, we use GoDaddy panel.
2. Navigate to the DNS Management section for your root domain. In this example, the root domain is verycoolbusiness.com.
Below is the DNS record for the example root domain verycoolbusiness.com.
Type | Host | Value |
---|---|---|
CNAME | em4855.verycoolbusiness.com | u7281236.wl237.sendgrid.net |
CNAME | s1._domainkey.verycoolbusiness.com | s1.domainkey.u7281236.wl237.sendgrid.net |
CNAME | s2._domainkey.verycoolbusiness.com | s2.domainkey.u7281236.wl237.sendgrid.net |
CNAME | _dmarc.verycoolbusiness.com | _dmarc. useinsider.email |
CNAME | 5vfgj23xycnd.verycoolbusiness.com | gv-4t6ahgyknyxvl7.dv.googlehosted.com |
3. Click the Add New Record button to add the first DNS record as follows:
Type: CNAME
Host: em4855
Value: u7281236.wl237.sendgrid.net.
TTL: 1/2 Hour
Click the Save button to save your record.
4. Add the second DNS record in a similar way:
Type: CNAME
Host: s1._domainkey
Value: s1.domainkey.u7281236.wl237.sendgrid.net
TTL: 1/2 Hour.
Click the Save button to save your record.
5. Add the third DNS record:
Type: CNAME
Host: s2._domainkey
Value: s2.domainkey.u7281236.wl237.sendgrid.net
TTL: 1/2 Hour
Click the Save button to save your record.
6. Add the fourth DNS record as follows:
Type: CNAME
Host: _dmarc
Value: _dmarc.useinsider.email.
TTL: 1/2 Hour
Click the Save button to save your record.
7. Add the fifth and final DNS record as follows:
Type: CNAME
Host: 5vfgj23xycnd
Value: gv-4t6ahgyknyxvl7.dv.googlehosted.com.
TTL: 1/2 Hour
Click the Save button to save your record.
How to add DNS record for a subdomain in CNAME format
The DNS record mentioned below for the example subdomain email.verycoolbusiness.com is in CNAME format.
Below is the DNS record for the example subdomain email.verycoolbusiness.com.
Type | Host | Value |
---|---|---|
CNAME | em6640.email.verycoolbusiness.com | u7281236.wl237.sendgrid.net |
CNAME | s1._domainkey.email.verycoolbusiness.com | s1.domainkey.u7281236.wl237.sendgrid.net |
CNAME | s2._domainkey.email.verycoolbusiness.com | s2.domainkey.u7281236.wl237.sendgrid.net |
CNAME | _dmarc.email.verycoolbusiness.com | _dmarc. useinsider.email |
CNAME | z6zk4x274eom.email.verycoolbusiness.com | gv-pgybkfjmy3qscp.dv.googlehosted.com |
1. Log in to your domain registrar or DNS Host Zone. In this example case, we use GoDaddy panel.
2. Navigate to the DNS Management section for your root domain. In this example, the root domain is verycoolbusiness.com.
3. Click the Add New Record button to add the first DNS record as follows:
Type: CNAME
Host: em6640.email
Value: u7281236.wl237.sendgrid.net.
TTL: 1/2 Hour
Click the Save button to save your record.
4. Add the second DNS record in a similar way:
Type: CNAME
Host: s1._domainkey.email
Value: s1.domainkey.u7281236.wl237.sendgrid.net.
TTL: 1/2 Hour
Click the Save button to save your record.
5. Add the third DNS record as follows:
Type: CNAME
Host: s2._domainkey.email
Value: s2.domainkey.u7281236.wl237.sendgrid.net.
TTL: 1/2 Hour
Click the Save button to save your record.
6. Add the fourth DNS record:
Type: CNAME
Host: _dmarc.email
Value: _dmarc.useinsider.email.
TTL: 1/2 Hour
Click the Save button to save your record.
7. Add the fifth and final DNS record:
Type: CNAME
Host: z6zk4x274eom.email
Value: gv-pgybkfjmy3qscp.dv.googlehosted.com.
TTL: 1/2 Hour
Click the Save button to save your record.
How to add DNS record for a subdomain in TXT format
To add the DNS in TXT format, change the record type from CNAME to TXT. The following table displays the records for the example subdomain email.verycoolbusiness.com.
Type | Host | Value |
---|---|---|
MX | ins.email.verycoolbusiness.com | mx.sendgrid.net |
TXT | ins.email.verycoolbusiness.com | v=spf1 include:sendgrid.net ~all |
TXT | ins._domainkey.email.verycoolbusiness.com | k=rsa; t=s; p=your public key |
TXT | _dmarc.email.verycoolbusiness.com | _dmarc. useinsider.email |
TXT | email.verycoolbusiness.com | google-site-verification=b5nfYiUT4QYhxJoBfUS3MHUPwK6tQsExpT0VZ1eEOeE |
Reply-To Address (Domain)
The purpose of the “reply-to address” field is to allow the recipient to reply to a different address than the “from address”. Reply-to address is not a required field, however, Insider strongly recommends the “reply-to address” be valid and linked to a monitored mailbox.
The partner must host this mailbox. It could be a support mailbox such as customercare@customer.com, where emails are read and responded to.
When the “reply-to address” is not set up correctly, replies will not be sent, and Insider also does not offer the ability to auto-reply or auto-forward emails received in this mailbox.
For the “reply-to address”, there is no need to add a specific DNS record likewise “from email address”.