Skip to main content

Domain verification

Configure sending domains to authenticate your emails. Lettermint requires domain verification before you can send emails.

Authentication Records

Lettermint uses three types DNS records for email authentication: DKIM (DomainKeys Identified Mail): Adds cryptographic signatures to verify email authenticity. DMARC (Domain-based Message Authentication): Defines policy for handling authentication failures. Return-Path: A CNAME record that will be used as the envelope sender.
It is correct an SPF record is not discussed - it is managed via the Return-Path record.

Domain Verification

Step 1: Add Your Domain

  1. Add your domain in the Lettermint dashboard
  2. Enter your domain (we recommend a subdomain like mail.acme.com)
  3. Save!

Step 2: Configure DNS Records

Lettermint provides three DNS records to add to your domain (replace acme.com with the domain you added):

Return-Path Record

Add this CNAME record to your domain:
HostnameTypeContent
lm-bounces.acme.comCNAMEbounces.lmta.net
If you’re using Cloudflare, ensure this CNAME record proxy status is set to “DNS only” instead of “Proxied”.

DKIM Record

Add the provided DKIM record (unique to your domain):
HostnameTypeContent
lettermint._domainkey.acme.comTXT[value can be found in your dashboard]
If you want more information on DKIM records, check out this guide.

DMARC Record

We require every domain to setup a DMARC record. You are free to change the record, as long as it is valid. The following record is the bare minimum:
HostnameTypeContent
_dmarc.acme.comTXTv=DMARC1; p=reject;
If you want more information on DMARC records, check out this guide.

Troubleshooting

Verification failed

In order to check if your DNS record has been propagated, you can open a terminal and execute: 
dig CNAME lm-bounces.acme.com
dig TXT lettermint._domainkey.acme.com
dig TXT _dmarc.acme.com

Common issues

  • DNS records not yet propagated
    • This can take up to 48 hours. Though usually we see that propagation happens within seconds to minutes.
  • Incorrect record values
  • Missing quotes around TXT record values
  • Domain already appended to hostname
    • Depending on the DNS provider you use it can be that they automatically append your domain after a record. You can recognize this by noticing a record on e.g. lm-bounces.acme.com.acme.com. If this is the case, you should add a single dot . after the hostname.
  • Cloudflare proxy enabled
    • If you’re using Cloudflare, ensure the CNAME record proxy status is set to “DNS only” instead of “Proxied”.
I