This step is necessary for three reasons:
This ensures that your VinesOS system emails are delivered to your customer's inbox and not the Spam folder.
This ensures they are not rejected by the Internet Service Providers (ISPs)
This protects your company's email from potential counterfeit use by hackers.
Initial Setup for New Clients:
STEP 1: Add custom email records
Please reach out to VinesOS for the record settings that you will need to add.
STEP 2: Add DKIM, DMARC, and verification records
!!NOTE: If this is not done, the system email sent to your customers will show as being from mandrillapp.com
and it will likely end up in their spam or junk folders. In other words, your customers will not be getting your emails about their orders or declined credit cards, etc.
Please provide ALL the information below in A) and B) to the technical contact who manages your website domain registration.
DKIM (A DKIM record is a specialized DNS TXT record that stores the public key used to verify an email's authenticity.)
A) Create two CNAME records:
One with the name mte1._domainkey.yourdomain.com with the value dkim1.mandrillapp.com
Another with the name mte2._domainkey.yourdomain.com and the value dkim2.mandrillapp.com
(NOTE - the 'yourdomain' portion seen above in each record entry must be your own domain, like: xyzcompany.com)
DMARC (DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is an email authentication, policy, and reporting protocol.)
B) Set up DMARC settings
Create and save a TXT record in your DNS with the name: _dmarc.yourdomain.com and a value of v=DMARC1; p=none
(Replace yourdomain.com with the domain you're setting up. Some domain hosts automatically add yourdomain.com after the initial value—contact your domain provider for any specifics.)
(NOTE - the 'yourdomain' portion seen above in each record entry must be your own domain, like: xyzcompany.com
Some domain hosts automatically add yourdomain.com after the initial value—contact your domain provider for any specifics.)
C) Add Verification Record
Please contact us to request a special, dynamic verification record. Once we provide that record, you must create a TXT record in your domain’s DNS records with the value provided.
Importance of DKIM and SPF records
The addition of the DKIM and SPF records is to prevent potential hackers from impersonating your company email, causing potential access to sensitive customer data (e.g., a hacker sends a spoofed email using your email address, asking your customers to log in). In order to protect your email domain you will need to create DNS records that enable DKIM and SPF email authentication for any domain that you own. Essentially, SPF helps confirm whether an email purporting to come from your company was in fact sent from one of your established IP addresses. The DKIM confirms that the email hasn't been faked or altered on its way to the intended recipient. Both of these combined also ensure that your email is not flagged as SPAM and/or bounced back by the ISPs.
Here are some egregious examples of the above, as reported in the media:
https://hotbit.medium.com/official-statement-notices-of-counterfeit-email-listing-hotbit-io-d1d240005d35
https://bits.blogs.nytimes.com/2015/04/09/sendgrid-email-breach-was-used-to-attack-coinbase-a-bitcoin-exchange/
IMPORTANT: In cases where you are reporting that you or your customers are missing emails that should have been delivered from VinesOS, we will NOT be able to support you in investigating these occurrences until both the SPF and DKIM records have been added for your domain email.
1. Have your domain registrar manager follow these important instructions to update your DNS mail records. Ask them to reach out to support@vinesos.com for information they need from us. The above records should be set up at your domain registrar account (e.g., GoDaddy) by your own DNS/domain support tech or team.
2. If you do not have someone technical on your team to do this, please reach out and we can assist. This will require us to log into your domain registrar to make these updates for you. The charge for us to set this up is a one-time fee of $150.
Also, we will need access to your registrar account. Please extend admin access permissions to include the email address: andrew@vinesos.com
This is intended to be informational and to:
1. Prevent email spoofing of your business account, leading to potential security risks to your customers' sensitive data. While this has never been reported to have happened to any VinesOS client, we are recommending that you be proactive with this so that it never will.
2. Ensure that system email notifications from VinesOS get delivered properly to your customers' inboxes.
Let us know if we can help.