How do I sign DKIM on a sender domain that isn't the primary domain while using Hubspot?
Summary
What email marketers say8Marketer opinions
Email marketer from SendGrid shares the steps to configure DKIM. This generally involves generating a DKIM record in SendGrid, then adding that record as a TXT record to your DNS settings. They also provide instructions on how to verify DKIM is set up correctly.
Email marketer from EmailOctopus explains that configuring DKIM involves adding a TXT record to your DNS settings with the specific DKIM information provided by EmailOctopus. Once added, you can usually verify the DKIM setup in the EmailOctopus platform. The record confirms your authorization for EmailOctopus to send on your behalf.
Email marketer from Reddit says you need to add the DKIM and SPF records to the DNS settings of your subdomain. HubSpot provides these records when you set up the subdomain as an email sending domain within the platform. These records authorize HubSpot to send emails on behalf of that subdomain.
Email marketer from Email Geeks shares the process for setting up an Email Sending Domain on Hubspot, highlighting the need for a list of owned Email Sending Domains and access to the Domain Host (or IT/Domain Administrator). Eoin refers to a Hubspot knowledge base article for detailed steps and provides a text version of the instructions: To connect the domain to HubSpot follow the steps : • Log in to your HubSpot account. • In the main navigation bar click on the *settings icon*. • Go to *Website > Domains & URLs* in the left sidebar menu. • Click on *Connect a domain*. • Select *Email Sending* and then click on *connect*, in the dialog box. This will direct you to the domain connection screen. Selecting Domain • Enter the email address that is used to send emails from that domain on the domain connection screen, then click on *Next*. • Verify the email sending domain on the next screen and then click on *Next*. Verifying URLs This is the final step that requires you to log in to your DNS provider. Follow the steps below: • Log in to your DNS provider in a separate tab, after logging in select the *I’m logged in* checkbox in HubSpot. • In the DNS provider, Go to *DNS settings* and select the *I’m there* checkbox in HubSpot. • In HubSpot, go to the Update your DNS records section, click on *Copy* next to the value in the Host(name) column, and paste it in the respective field in the DNS provider. • Similarly, click on the *Copy* next to the value in the Value column in the HubSpot and paste it in the respective field at the DNS provider. *Note:* If a subdomain is being connected to HubSpot you will have to append *_domainkey*. • After updating the values in the DNS provider, select the *Done* checkbox in HubSpot. • You will see a *Verified* message if DNS records are set up correctly, which means your email sending domains are now verified. This may take 24 hours to take effect. • Click *Done* on the *verified* message • If your DNS records are not set up or are still being processed, you will see a Record Invalid error displayed to the right of the record(s). Click on *Check them again* to check if the changes have been updated.
Email marketer from MailerLite explains that setting up DKIM requires creating a DKIM record in your domain's DNS settings. This record contains a public key that email servers can use to verify that messages truly came from your domain. MailerLite's documentation usually provides the specific DKIM record to add for their users.
Email marketer from Gmass highlights that DKIM (DomainKeys Identified Mail) works by adding a digital signature to outgoing emails. This signature is verified using a public key stored in the domain's DNS records. If the signature checks out, receiving mail servers are more likely to trust the email and deliver it to the inbox.
Email marketer from ওয়ার্ডপ্রেস ডটকম shares the process of authenticating email sending with DKIM in HubSpot. The steps involve setting up an email sending domain inside HubSpot, then adding provided DNS records (TXT records) to the domain’s DNS settings to verify ownership and enable DKIM signing.
Email marketer from Mailjet shares the benefits of implementing DKIM. By authenticating emails with DKIM, you are more likely to achieve higher deliverability rates by proving to Internet Service Providers (ISPs) that the outgoing message is actually coming from a legitimate source.
What the experts say3Expert opinions
Expert from Spam Resource, Laura Atkins, explains that for subdomains, you'll need to delegate signing authority by creating a DKIM record on the subdomain itself, pointing to the signing domain. This allows the subdomain to use DKIM even though it's not the primary domain.
Expert from Email Geeks explains that you can only DKIM sign with domains you own or with the permission of the domain owner.
Expert from Word to the Wise explains that DKIM involves generating a key pair (public and private). The private key is used to sign outgoing messages, and the public key is published as a TXT record in the DNS of your sending domain or subdomain. Mail servers verify the signature using the public key.
What the documentation says3Technical articles
Documentation from EasyDMARC highlights that DKIM signing involves generating a private/public key pair. The private key is used to sign the email, and the public key is published in the domain's DNS records. The receiving server uses this public key to verify the signature, confirming the email's authenticity.
Documentation from HubSpot explains how to connect your email sending domain in HubSpot. It involves navigating to Settings > Domains & URLs, selecting 'Connect a domain,' and choosing 'Email Sending.' The documentation details the steps for verifying the domain by updating DNS records with the values provided by HubSpot.
Documentation from SparkPost explains that DKIM requires publishing a DKIM record, which contains your public key. You'll need to generate a DKIM key-pair, then add a TXT record to your DNS settings. This TXT record contains the public key which receiving mail servers use to verify that messages signed with the corresponding private key were authorized by the domain owner.