Introduction
Proper domain configuration is the foundation of email deliverability. When you authenticate your domain, you prove to inbox providers that emails from your domain are legitimate. This improves inbox placement and protects your brand from spoofing.
Why Configure a Sending Domain?
Email providers like Gmail, Outlook, and Yahoo use authentication records to determine whether to trust your emails. Without proper configuration:
- Emails may land in spam or be rejected entirely
- Your domain becomes vulnerable to spoofing attacks
- Inbox providers have no way to verify you're a legitimate sender
Configuring your domain establishes your identity and builds trust with receiving servers.
Authentication Records
Lettermint uses three DNS records to authenticate your emails:
DKIM
Adds cryptographic signatures to verify email authenticity and detect tampering.
DMARC
Defines policy for handling authentication failures and enables reporting.
Return-Path
CNAME record used as the envelope sender, enabling SPF alignment.
SPF is handled automatically via the Return-Path CNAME. You don't need to configure a separate SPF record.
Quick Setup Overview
Setting up your domain takes just a few minutes:
- Add your domain in the Lettermint dashboard
- Configure DNS records with your DNS provider (Return-Path, DKIM, DMARC)
- Verify in the dashboard. Lettermint checks your records automatically
Need step-by-step DNS instructions? See our DNS provider guides below.
Subdomain vs Root Domain
We recommend using a subdomain like mail.acme.com instead of your root domain acme.com for sending transactional email:
- Isolation: Protects your main domain's reputation if deliverability issues occur
- Flexibility: Allows different sending configurations for different purposes
- Best practice: Separates transactional email from marketing or corporate mail
Troubleshooting
Verification taking too long? DNS propagation typically happens within minutes but can take up to 48 hours. Check propagation with:
Code
Common issues:
- Duplicate domain in hostname: Some DNS providers auto-append your domain. If you see
lm-bounces.acme.com.acme.com, add a trailing dot (.) after the hostname. - Cloudflare proxy enabled: Set CNAME proxy status to "DNS only" instead of "Proxied".
- Missing quotes: Ensure TXT record values are properly quoted.
- Incorrect values: Double-check record values match exactly what's shown in your dashboard.
DNS Provider Guides
Cloudflare
Add DNS records in Cloudflare
TransIP
Add DNS records in TransIP
Domain Chief
Add DNS records in Domain Chief
AWS Route 53
Add DNS records in AWS Route 53
Next Steps
Return-Path & SPF
Learn how the Return-Path record enables SPF alignment.
Domain Access Control
Restrict domain usage to specific projects.