How do I validate my domain for email sending?

One of the key services that we provide is to send out emails containing your orders and quotes, both to your back-office but also to your customers. These emails go through a myriad of different networks and email servers before they reach their recipients. One of our goals is to improve the deliverability of these emails. This means preventing the emails from being flagged as spam and ensuring that the emails reach the recipient’s Inbox. In furtherance of this goal, we have implemented DomainKeys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting and Conformance (DMARC) for all our outgoing emails. Here is a link to some technical information about the topic: About DKIM and DMARC.

What does this mean for you? It means that your From: email address (called ‘Sender Email Address’ in Onsight) will have to be a validated domain.

If you do not validate your domain then your From: address for all your outgoing emails will be: ‘Company Name’ <[email protected]>.

If you would like to replace [email protected] with an email address on your own domain ([email protected]), please contact [email protected] and we will send you the process for how to validate your domain.

How do I validate my domain?

You will be required to create some DNS records on your domain.

Please email [email protected] and we will start the process and send you full instructions.

Additional information

Is there really an underscore in the subdomain name? It seems strange.

Yes, there is an underscore in the subdomain name.

More details:

Underscores are allowed in DNS entries for subdomains

DKIM requires a subdomain named _domainkey

Can I just copy and paste the required DNS records?

Some DNS hosts provide easy-to-use web interfaces for managing DNS records. For these copying-and-pasting is sufficient.

Other DNS hosts have complicated interfaces with specific configuration requirements. In that case you will need to follow the specific configuration requirements to ensure that the DNS records are created correctly.

I copied and pasted the DNS records into BIND but the records do not work

BIND has specific requirements for how you specify DNS records.

Let’s say you want to create a CNAME record:

that points to

If you created this record in BIND, it would be incorrect: IN CNAME

There are 2 mistakes here.

The part on the left should be
(note the full stop)

or it can be:

(note the absence of a full stop)

Either of those will work.

The second mistake is on the right hand side.

is missing a full stop at the end.

The correct record would be:

s1._domainkey IN CNAME

These full stops and convoluted requirements are specific to BIND.

How do I test that the DNS records exist?

You can use the NSLOOKUP command to check that the DNS records have been created correctly.

This is what it will look like when the record has NOT been set up correctly:

~ $ nslookup

** server can't find NXDOMAIN

This is what it will look like when the record has been set up correctly:

~ $ nslookup

Non-authoritative answer: canonical name =