Adding and Authenticating a Sending Domain

Goals and Outcomes

A sending domain is the domain used in the "From" field of your emails. A dedicated and authenticated sending domain adds security and credibility to the emails you send to customers. Inbox service providers (ISPs) like Google and Yahoo require domain authentication to verify that emails are coming from you. Adding a sending domain can increase your deliverability rates and will remove via yotpomail.com from the "From" field.

In this article, you’ll learn how to add and authenticate your sending domain.

Sending Domain Authentication Overview

An authenticated sending domain shows ISPs that Yotpo has permission to send emails on your behalf. As per requirements from the major ISPs, if you ever send 5,000 emails or more a day, you must authenticate your domain. Explicitly stating that an email comes from you improves your reputation, and makes it less likely that the provider will filter your messages. This means there's more chance your emails will get into your recipient’s inbox and less chance they'll be marked as spam. To learn more, see Yotpo Email Deliverability Guide.

What do my emails look like with and without a sending domain?

Email sending domain authentication involves configuring the SPF, DKIM, and DMARC protocols. These protocols prevent unauthorized use and improve email deliverability.

Important:

If you want to use the same authenticated sending domain across multiple Yotpo accounts, please contact our Support team.

Accessing the Sending Domain Authentication Setup

To start the authentication process, from the Yotpo SMS & Email menu, go to Settings > General Settings and scroll down to the Email Settings tab. Under Dedicated sending domain, click Get started.

Adding and Authenticating a Sending Domain

The sending domain authentication setup has 3 steps:

Step 1: Adding a root domain and a subdomain
Step 2: Updating your DNS records
Step 3: Setting up a DMARC record

Tip:

Before you begin, make sure you know who your DNS provider is and have your credentials ready, as you’ll need to log into the DNS provider’s portal. Your DNS provider is usually the company where you purchased your domain. However, if you’re unsure, you can use a DNS checker like the ICANN lookup tool to find your provider.

Step 1: Adding a root domain and a subdomain

In this step, you first need to enter your root domain, for example, mybrand.com. Next, if you want to align with email deliverability best practices further, you can also add a subdomain. You can choose any word, but it must be used only for Yotpo Email, and not for any other external email service providers (ESPs).

Important:

Adding a sending subdomain can help you isolate your marketing activity and protect your sender reputation from being affected by other email activity from your root domain. For example, if your root domain is mybrand.com, we recommend you use hello as a subdomain. Your sending domain will be @hello.mybrand.com.

Please note that if you add a subdomain, you won’t be able to send emails from your root domain. In this case, the authenticated email address you use to send campaigns and flows could be something like hello@hello.mybrand.com.

Step 2: Updating your DNS records

In this step, you’ll have to update your DNS (Domain Name System) records. There are different types of DNS records. By following the instructions below, you will verify your CNAME records to ensure your domain and subdomain are properly authenticated for email delivery and recognized as legitimate by ISPs.

The verification process will require you to log into your DNS portal while keeping the Yotpo Email app open. Please be aware that some of the instructions below are general, as each DNS provider has a different interface and field names may vary. If you do not typically manage your DNS settings, you may need to consult with your IT team or system administrator.

Important:

When you verify your CNAME records, the authentication for the SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) protocols is also completed. SPF identifies the mail servers allowed to send emails from your domain, while DKIM uses digital signatures to verify that your messages are genuine and have not been altered.

To update your DNS records:

1. Open a new browser tab or window and log into your DNS provider’s portal.

2. In the DNS settings, create a new CNAME record.

3. In the Yotpo Email app, in the first row, click Copy to copy the entry from the Host column and paste it into the Host field in the DNS provider’s portal.
   

4. In the Yotpo Email app, in the first row, click Copy to copy the entry from the Value column and paste it into the Value field in the DNS provider’s portal.
   

5. Save the record and repeat the steps above for the remaining records.

After saving the records, wait for several minutes for the changes to be processed. Next, in the Yotpo Email app, click Verify records and the system will notify you that the verification is successful.

Tip:

Some domain registration services may not permit you to directly modify your DNS records. If this is the case, you should get in touch with your DNS provider for guidance on how to update them. Here are the guides for updating DNS records of the most popular providers:

• GoDaddy

• Shopify

• Google Domains

• Hostgator

• Hover

• Namecheap

• Squarespace

• AWS

• Cloudflare

Step 3: Setting up a DMARC record

To complete the domain authentication process, you must set up an authentication protocol called DMARC (Domain-based Message Authentication, Reporting & Conformance). Establishing a DMARC record protects your brand and audience against phishing and spoofing threats. The aim is to ensure that only valid emails from your domain enter inboxes, thereby enhancing your sender reputation and delivery rates.

Major ISPs require authenticated domains to have a valid DMARC record. If you already have one, the system will check it once you reach this step. If the check is successful, you don’t need to take any further action. Simply click Done.

If you don’t have DMARC set up, you’ll need to go to your DNS provider’s portal and create one.

To add a DMARC record:

1. In your DNS provider’s portal, go to the DNS settings and create a new TXT record.

2. In the Yotpo Email app, click Copy to copy the entry from the Host column and paste it into the Host field in the DNS provider’s portal.

   Important:

   Some domain hosts automatically add your domain name after _dmarc. If not, you need to add it yourself, for example, _dmarc.yourbrand.com.

3. In the Yotpo Email app, click Copy to copy the entry from the Value column and paste it into the Value field in the DNS provider’s portal.

   Important:

   The minimum required DMARC policy is v=DMARC1; p=none; sp=none. The possible policy options include:

   • p=none: This policy does not affect the delivery of emails. It collects data about email authentication without enforcing any actions on unauthenticated emails.

   • p=quarantine: This policy suggests that emails failing DMARC checks should be treated as suspicious and placed in the spam or junk folder

   • p=reject: This policy instructs receiving servers to reject any emails that fail DMARC checks, preventing them from being delivered to the recipient

   If you choose a more restrictive setting (like p=quarantine or p=reject), you should avoid reverting to a less restrictive policy. Doing so can lead to unintended delivery issues for legitimate emails that may not pass DMARC checks, potentially harming your email deliverability.

4. Save the record.

After saving the record, wait for several minutes for the changes to be processed. Next, in the Yotpo Email app, click Verify records and the system will notify you if the verification is successful. Click Done to exit the setup process.

If the verification is not successful, the possible errors may include:

• DMARC record is not valid
  In this case, you need to go back to the DNS provider’s portal, delete the existing DMARC record, and create a new one from scratch following the steps above.

• More than one DMARC record is found
  You can have only one DMARC record per domain in your DNS portal. Having more than one can cause conflicts and lead to improper email authentication handling.  Go back to the DNS provider’s portal and delete any additional records you created starting from the most recent.

• Technical issues
  In case of technical issues, try creating the DMARC record again. If unsuccessful again, wait for a few minutes and try again.

If you have any questions, don't hesitate to reach out to our Support team.

Tip:

You can set up DMARC authentication for your sending domain in your DNS provider yourself, but we highly recommend consulting with an email deliverability expert or using an online tool to make sure it was done correctly. A few third-party tools that can help manage DMARC implementation and DMARC reports are:

• EasyDMARC

• DMARCian

• Valimail

Once you’ve successfully completed the setup, the sending domain will appear in a table under the Dedicated sending domain section with a label indicating that authentication is still in progress. Note that this process may take up to 48 hours.

After you have authenticated your sending domain, it’s important to use an authenticated email address when sending campaigns and flows. This will increase the chances that your emails will reach the inbox rather than the spam folder.

To add the authenticated email address, in the Yotpo SMS & Email mani menu, go to Settings > General Settings > Email Settings tab > Sender and reply-to email addresses section. For more details, see Adding and Verifying Store Emails.

Next Steps

After adding an authenticated email address, it's necessary to warm up the infrastructure. The warm-up process requires sending fewer emails right after adding the new domain, and gradually increasing the volume over time. To learn more, see Warming Your New Domain Infrastructure.