How do I configure DNS records to send emails from two different ESPs using the same subdomain?
Summary
What email marketers say13Marketer opinions
Marketer from Email Geeks advises against using the same domain/subdomain for separate mail streams, especially when one is used for 1-to-1 communications. It complicates understanding and explaining the setup due to numerous variables and increases support time. It often adds complexity without improving anything for the sender and complicates DMARC report analysis.
Email marketer from Litmus explains using tools to monitor deliverability and authentication results is critical when using multiple ESPs. This allows you to quickly identify and resolve any issues with SPF, DKIM, or DMARC.
Email marketer from ZeroBounce shares warming up each new IP address is essential. Gradually increase sending volume over time to build a positive sending reputation with ISPs.
Email marketer from Stack Overflow explains that SPF has a 10 DNS lookup limit. If including multiple ESPs causes you to exceed this limit, SPF will break. Suggests using a subdomain or Sender Rewriting Scheme (SRS) as alternatives.
Marketer from Email Geeks explains that while it's possible to use the same domain for multiple mail streams, it's complicated and has downsides. Recommends using a subdomain dedicated to each mail stream for easier management and less confusion.
Email marketer from Email Marketing Forum shares that tools like Kitterman's SPF validator can check whether your SPF record is valid and doesn't exceed the 10 DNS lookup limit.
Email marketer from SendGrid responds that if possible, use dedicated IPs for each ESP. This allows for better control over your sending reputation and simplifies troubleshooting deliverability issues.
Email marketer from SparkPost advises that regularly monitoring your IP reputation for each ESP is crucial. Poor IP reputation can negatively impact deliverability, even if SPF/DKIM/DMARC are correctly configured.
Email marketer from Email on Acid shares an alternative approach is to delegate a subdomain to each ESP. This means each ESP has full control over the DNS records for that subdomain, simplifying configuration and reducing conflicts.
Email marketer from MailerLite explains that the Return-Path domain is where bounces are sent. Ensure the Return-Path is correctly configured for each ESP to receive bounce notifications and maintain a clean list.
Email marketer from Mailjet warns of the SPF 10 DNS lookup limit again and suggests flattening your SPF record to avoid exceeding this limit. This involves resolving all includes and IPs into a single SPF record, but it requires careful maintenance.
Email marketer from Campaign Monitor explains that Sender ID is less relevant than SPF/DKIM/DMARC, but it's still good practice to ensure your Sender ID is consistent with your sending domain.
Email marketer from Reddit shares using different DKIM selectors for each ESP allows you to differentiate the signing keys. Each ESP will then use its own selector when signing emails, avoiding conflicts.
What the experts say8Expert opinions
Expert from Email Geeks shares that for DKIM, it’s easy to use different selectors.
Expert from SpamResource explains that while using multiple 'include:' mechanisms in SPF records is common for multiple ESPs, administrators must remain vigilant about the 10 DNS lookup limit, which can impact deliverability if exceeded. They advise to use tools to validate SPF records.
Expert from Email Geeks explains that it's possible to send from multiple CRM installations using the same domain, but you need to know the 5321.from address for each installation and publish the correct SPF and MX records for that subdomain.
Expert from Email Geeks explains that each ESP should have its own 5321.from domain with its own TXT record for SPF. Having the same SPF record for two different ESPs will cause problems. You should NEVER have more than one ESP in a SPF include.
Expert from Word to the Wise shares that properly configuring DMARC reporting is vital when using multiple ESPs. Monitoring DMARC reports helps identify authentication failures and potential spoofing attempts, enabling quicker mitigation and improved email security across all sending sources.
Expert from Email Geeks explains that each domain should have its own MX record for bounce handling, ensuring bounces go back to the sending system. That's why you need different subdomains for each system in the 5321.from.
Expert from SpamResource explains that when managing DKIM across multiple ESPs, ensure proper DKIM key rotation procedures are in place for each ESP. Keys need to be updated periodically, and proper management helps maintain authentication integrity.
Expert from Word to the Wise shares that carefully managing the Return-Path (also known as MAIL FROM or 5321.MailFrom) is crucial when using multiple ESPs from the same domain. Each ESP's Return-Path should be correctly aligned with their respective sending domains/subdomains to properly handle bounces and feedback loops.
What the documentation says4Technical articles
Documentation from Google Workspace Admin Help explains that having multiple SPF records for a domain is not supported and can cause deliverability issues. It recommends combining multiple SPF records into a single record using include mechanisms.
Documentation from AWS SES answers that when configuring DKIM with multiple ESPs, using different selectors for each ESP to avoid conflicts is important. Each selector should correspond to a unique DKIM key.
Documentation from RFC 7208 details that the 'include' mechanism in SPF records allows referencing other domains' SPF records. This is a best-practice approach for using multiple ESPs, but warns of the 10 DNS lookup limit across all included records.
Documentation from DMARC.org explains that DMARC builds on SPF and DKIM. When using multiple ESPs, ensure both SPF and DKIM are correctly configured for each ESP, and then align the DMARC policy accordingly.