Understanding Email Authentication

A guide to email authentication when sending and receiving emails using the Email for Trello Power-Up

Christl de Wet avatar
Written by Christl de Wet
Updated over a week ago

If you use your own email domain to send emails from your board (in other words you are using a custom email address in Email for Trello), you've probably had to work with domain and email authentication. Better authentication means better email deliverability.

In this article we break down some of the many acronyms you may come across while setting up and authenticating your domain like SPF, DKIM, Return-Path.

Email is one of the main customer touchpoints online. It is an integral part of the customer experience and we recommend using a custom email address to send and receive emails in Trello. But if you opt to use the SendBoard board address, we manage domain authentication so you don't have to.

DKIM

DKIM (DomainKeys Identified Mail) is an email authentication method used to verify the authenticity of an email and ensures that the email has not been tampered with during transit. DKIM adds a digital signature to the header of an email, which can be verified by the receiving server.

DKIM authentication requires you to add a DKIM record to you DNS settings. When an email is received, the receiving server will then be able to verify that the email is from a legitimate sender. Visit our help article here for steps on how to find and set up the DKIM record for your domain on SendBoard.

Return-path

The Return-Path is like the return address on a letter - it ensures undeliverable emails are returned to the right place, and it's also a stamp of authenticity for your emails, making sure they're recognised and trusted by recipient mail servers. Additionally, it serves as the domain for SPF (Sender Policy Framework) authentication.

You can create a custom Return-Path record in your DNS settings by adding a CNAME record in your DNS settings that points to pm.mtasv.net. Our help article explains the steps in more detail here.

SPF

SPF (Sender Policy Framework), another email authentication method, allows email providers to verify that the sender of an email is actually authorised to send emails from a specific domain. This helps to protect users from receiving fraudulent, spoofing and phishing emails.

You don't need to add SPF records for your SendBoard mailbox. Nowadays, receiving email domains use the Return-Path domain to verify SPF and check that the email was sent from an authorised server. Because we provide you with a Return-Path that already has a valid SPF record, there’s no need to add your own. All emails sent from SendBoard include the Return-Path, authorised IP address and SPF by default.

DMARC

DMARC stands for Domain-based Message Authentication, Reporting, and Conformance - quite a mouthful. It is an email authentication protocol which allows domain owners to specify how emails from their domain should be handled if they fail SPF or DKIM checks. DMARC also provides reporting capabilities, allowing domain owners to monitor and analyse email activity from their domain.

To set up DMARC for your domain, you will need to add a DMARC record to your domain's DNS settings. This is not done in SendBoard but we definitely recommend setting up DMARC for your domain.

DNS

DNS (Domain Name System) is a fundamental component of the internet that translates human-readable domain names into IP addresses. It essentially acts as a directory that matches domain names (like www.example.com) to their corresponding numerical IP addresses (such as 192.168.1.1). This is necessary for computers to locate and connect to each other over the internet.

DNS settings refer to the configuration parameters that dictate how DNS functions for a particular domain. These settings are typically managed through a domain registrar or a hosting provider like Google Domains, Cloudflare, GoDaddy etc.

Cloudflare has a great article on DNS if you want to read more about it: What is DNS and how does it work?

IP address

IP addresses are unique numerical identifiers used to identify the source of an email. Email providers use IP addresses to determine the origin of an email and to check whether it is authorised to send emails from a specific domain.

It is important to keep track of the IP addresses that are authorised to send emails from your domain. If an unauthorised IP address is used to send emails from your domain, it could result in your emails being marked as spam or rejected by the receiving server.

We use PostMark for sending and receiving emails. You can find the IP ranges listed under "Outbound SMTP servers" in this article.

Did this answer your question?