Campaigns: email domain authentication
Email sender domain authentication (or simply domain authentication) is the process that allows you to tell email service providers that Pipedrive is a trusted sender from your domains. To give Pipedrive that permission, you need to add certain DNS records (CNAME and TXT) on your domain registrar page (like GoDaddy, Rackspace, Cloudflare and others) and point those records to Pipedrive.
Domain authentication is about security and deliverability, as it helps you protect your brand's reputation and helps your emails reach the inbox.
Authenticating your email domain doesn't only protect your domain from being used for fraudulent, spam, or spoofing purposes. It also builds your trust and reputation score with the major Internet Service Providers (ISPs), translating directly into greater deliverability success and, ultimately, even better email campaign results.
DKIM (DomainKeys Identified Mail) is a domain authentication technology that uses a cryptographic signature linked to a domain to guarantee the message was not altered between the sender and the receiver.
Technically, DKIM provides a method for validating a domain name identity that is associated with a message and the content of the message itself through cryptographic authentication. The identity is independent of other email identities, such as the author from: field.
In Campaigns, DKIM requires you to add two CNAME records to your domain registrar page.
The third record you need to add is the company identifier TXT record. It is linked to your company and domain and is used to guarantee no malicious company can impersonate a trusted Pipedrive sender.
Once you add these three DNS records and after they have been propagated successfully (which may take up to 48 hours), your domain will be authenticated. Learn how to edit your DNS records in this article.
Before you start, there are three things you must know:
- Domain authentication is optional, but we strongly recommend it if you use our Campaigns feature and have DMARC-protected domains. Learn more about DMARC and how it can affect deliverability in this article.
- You can authenticate only the domains you or your company own and control. You will need to have access to the management of the DNS records of these domains. Learn more about DNS management in this article.
- Before you can send campaigns from an authenticated domain, you will have to verify the sender email associated with that domain.
Steps to authenticate your email sender domain
Step 1. Go to Campaigns > Settings > Domain authentication and click on "+ Domain" on the right-hand side of the page.
Step 2. A small pop-up about domain information will appear. Enter your domain name and click on "Generate DNS records".
Step 3. Your domain will be visible in the domain information section. At the bottom of the page, you will see the domain records section. Here, you can find the CNAME and TXT records that you need to add to your DNS records list on your domain registrar's website.
Step 4. You need to wait until the added DNS records are fully propagated, and the domain authentication status changes to authenticated.
DNS propagation is the process whereby DNS records are updated across all servers on the web. Any changes you make aren't immediately visible because web servers store domain record information in their cache for a predetermined amount of time.
The timeframe for propagation depends on several factors, including your internet service provider (ISP), your domain's registrar and the TTL (cache) values of your DNS records. On average, it takes up to 48 hours for all servers to update their records.
To ensure that DNS records are in order, use online tools such as MX Lookup Tool or Network Tools From MxToolBox.
Your domain authentication will have a pending status until the propagation is complete. Click on "Refresh status" to check the status of the propagation process.
When the domain status is changed to authenticated, this means the process has been completed, and your email sender domain has been authenticated successfully.
Step 5. Once you have your email sender domain authenticated and your sender email verified, you can start creating and sending campaigns. Choose the email linked to the authenticated domain in the sender email dropdown from your email campaigns menu.