<img src="https://d5nxst8fruw4z.cloudfront.net/atrk.gif?account=lYCzn1QolK10N8" style="display:none" height="1" width="1" alt="">

Email Authentication for ESPs

This page is intended as a quick guide for ESPs (Email Service Providers). For more details, see the Adding a New Domain page.

The From header should be what your recipients expect. Do not change it just for email authentication purposes.

Authentiating the From domain using DKIM and Sender ID requires setting up DNS records and knowing all IP addresses that send mail for this domain name. If you can do this, then great! Just setup those DNS records, and you’re done.

If you can’t authenticate the From domain, then add a Sender header with an email address at a domain which you can authenticate against.

There are a few options for the Sender header that we’ve seen used. These examples assume that the From header is example@customer.com:

  • Create a sub-domain of your domain:
    • From: example@customer.com
    • Sender: example@customer.yourdomain.com
  • Create a sub-domain of their domain:
    • From: example@customer.com
    • Sender: example@mailer.customer.com
  • Create a completely new domain:
    • From: example@customer.com
    • Sender: example@customer-mail.com
  • Use your own domain name for all of your clients:
    • From: example@customer.com
    • Sender: example=customer.com@yourdomain.com

In all cases:

  • You need to setup DNS records for both DKIM and Sender ID for the domain name in the Sender header
  • A server has to receive email for the domain in the Sender header.
  • If the domain name in the Sender header is also being used in the Bounce Address (aka Return-Path), you’ll also need to configure DNS records for SPF.