Skip to main content

Configure your DNS records to verify your domain in Retently

(Feel free to forward this tutorial to your developers or technical people)

Written by Alex Bitca

You'll need to add SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC records to verify ownership of your sending domains before you can send email through your account. Retently is not able to send any email from unverified domains or domains without valid records, including public domains like gmail.com, yahoo.com, and more.

Although this seems too complicated for a non-technical person, the process is straightforward and is required in order to have your surveys delivered to the respondent's Inbox.

To get started, you will need to add the following records in your hosting provider, domain registrar, or DNS provider.

SPF Record

If you don't yet have an SPF record, add one for your domain, and make sure it's of type TXT. At a minimum, the value should be the following if you're only sending mail through Mandrill for that domain: v=spf1 include:spf.mandrillapp.com ?all.

If you already have a TXT record with SPF information, you'll need to add Mandrill's servers to that record by adding include:spf.mandrillapp.com in the record (before the last operator, which is usually ?all, ~all, or -all).

DKIM Records

Add the following records:

  • Record 1:

    • Type: CNAME

    • Name: mte1._domainkey.yourdomain.com (replace yourdomain.com with the domain or subdomain you're setting up)

    • Value: dkim1.mandrillapp.com

  • Record 2:

    • Type: CNAME

    • Name: mte2._domainkey.yourdomain.com (replace yourdomain.com with the domain or subdomain you're setting up)

    • Value: dkim2.mandrillapp.com

DMARC Record

Important: If your domain already has a DMARC record, then SKIP this step and DO NOT add a new DMARC record or modify the existing record. If you’re unsure, then you can use tools such as Dmarcian or MXtoolbox to check your domain’s records.

Create and save a TXT record in your DNS with the following data:

  • name: _dmarc.yourdomain.com

  • and value: v=DMARC1; p=none

    • IMPORTANT: If your domain already has a DMARC record, DO NOT modify the value of the existing record, especially the “p=” part. Leave whatever was already written there.

DMARC shows valid in other tools but won't verify in Retently

If your DMARC record passes in checkers like Dmarcian or MXtoolbox but Retently still shows it as unverified (often with an error like "Invalid tag(s) found: t=n"), your record contains a newer or non-standard DMARC tag that our email provider's validator does not recognize. The most common one is the t= tag (for example t=n), added automatically by some managed DMARC services such as PowerDMARC.

To fix it, remove the unsupported tag from your DMARC record and re-check. A standard record that verifies cleanly looks like:

v=DMARC1; p=none;

(or with your existing policy and reporting addresses, just without the t= tag). The t= tag is optional and its default value changes nothing about how your policy is enforced, so removing it is safe.

If your DMARC record is managed by a third-party service (your _dmarc record points to a provider like PowerDMARC rather than holding the value directly), make this change inside that provider's dashboard or ask their support to remove the tag, since it cannot be edited from your own DNS zone.

Click here for SPF and DKIM troubleshooting and FAQ
Did this answer your question?