Lead Gen & CRM provides custom DomainKeys Identified Mail (DKIM) configuration using Canonical Name (CNAME) records.
This article will provide information on CNAME records.
A CNAME record is an information element within a Domain Name System (DNS). If you have ever visited a site with www.sitename.com, the www prefix is typically a CNAME record pointing directly at the sitename.com domain. CNAME records are used to map one domain to another domain, essentially creating an alias for the second domain. As such, CNAME records are important. They help with whitelabeling Landing Pages in Lead Gen & CRM, and they enable DKIM on domains.
When enabling DKIM, consider the two parts of a CNAME record: Name and Value. The first part, Name, includes the domain and selector your email will use to sign DKIM. Name may be displayed as Host by some DNS providers, and your particular DNS provider will have individual guidelines when adding this part of the record.
Name is provided for you within the DKIM configuration tool in Lead Gen & CRM and will look something like the following:
The second part, Value, which is shown in Lead Gen & CRM's configuration tool as Data, is the public DKIM key that Lead Gen & CRM manages for you. The Value of the CNAME record is provided by the DKIM configuration tool, and it will look something like the following:
CNAME records provide benefits. To start, CNAME records promote simplicity. CNAME delegates authority for handling DKIM keys to Lead Gen & CRM, so that customers never have to manage the complexity of generating public and private key pairs, sending private keys for signing, and adding DKIM .TXT records to DNS. Also, CNAME records reinforce security. Lead Gen & CRM follows DKIM security best practices and periodically rotates keys. With CNAME records, a customer can set DKIM records just once in their DNS, but benefit from the the periodic key rotation that Lead Gen & CRM manages.
Not all DNS providers allow underscore characters in the Name field of CNAME records, such as the one necessary for the lookup of [selector]._domainkey.[example.com]. This is against specifications, but it is still seen occasionally, even from a handful of widely used services.
Lead Gen & CRM recommend any of the following options:
- Contact your current DNS provider for assistance. While some DNS providers do not directly allow users to create CNAME records within their user interface (UI), some customers have been able to successfully escalate a request to their DNS provider for adding CNAME records containing underscores.
- Host a secondary email sending domain with a registrar that allows CNAME records with underscores. After confirming that your current DNS provider does not support CNAME records with underscores, you may decide to create a secondary email sending domain, and then have another DNS provider host those records. A number of well-known, dedicated DNS providers support CNAME records with underscore, and have free tiers. These providers include Namecheap, EasyDNS, Cloudflare, Hurricane Electric Free DNS, and FreeDNS.
- Switch DNS providers entirely. If your current DNS provider does not support CNAME records with underscores, and you prefer not creating a secondary secondary email sending domain, you will need to migrate to another DNS provider entirely to have your current domain authenticated with DKIM. With this option, you will contact your registrar and change your nameserver to the new DNS service, and then proceed to create new DKIM records at the new DNS service.