Email Sending Domain Setup

A step-by-step walkthrough on how to purchase and setup your sending domain with Cloudflare and OneSignal.

To configure email with OneSignal, you must own the sending domain. This guide will show you how to buy an email sending domain through Cloudflare and set up the required DNS records to send emails via OneSignal.

πŸ“˜

Do you already own a domain?

If you already own the email sending domain, then you just need to setup the DNS records provided by OneSignal. Follow the Email Quickstart guide or see What is DNS Authentication? for guides from common DNS providers.

Register Your Domain

Create an account at Cloudflare.com

Navigate to Domain Registration > Register Domains and search for the desired domain name.

In this example, we'll be registering the domain onesignaldemo.com.

Choose the desired domain and select Purchase. If the domain you entered is not available, you will have the option to choose a similar domain name.

Once you have purchased the domain you should see it as active under Domain Registration > Managed Domains.

The next step is to create your subdomain. Click Manage Domains > Manage > Update DNS Configuration.

Create a Subdomain

To create the subdomain add an "A" record to your DNS Management page.

  • Click add record.
  • Select Type "A".
  • Add the subdomain to the "name" field. In this example, the subdomain is mail. Cloudflare will automatically append your domain to create the subdomain. In this example it'smail.onesignaldemo.com.
  • To set the IPv4. Perform an NSlookup on one of the Nameserver subdomains domains. These should be on the same page if you scroll down.

Once you have the IPs for the "A" record add one of them to the IPv4 address field and hit "Save".

How to get an IP from the Nameserver Subdomain

Skip this step if you already added the IPv4 to your subdomain.

Within the DNS records page, you should see the Nameservers assigned to your domain. In this example, we'll use the Nameserver demi.ns.cloudlfare.com and perform the NSLookup to get the IP address for your "A" records IPv4 address field.

Select one of the IPs to set in your Subdomain IPv4 field.

Copy and paste one of the IPv4 addresses and add it to the IPv4 field in your "A" record and hit save.

DNS Configuration Steps

In this example, we'll be using Cloudflare as the domain provider and setting up the subdomainmail.onesignaldemo.com.

For DNS setup instructions with other domain registrars, please see our guide here.

Requirements

  • Access to Domain Provider.
  • Ownership of a Domain and/or Subdomain.

Adding DNS Records To Your Domains DNS Management Settings

If you have not done so already, follow the Email Quickstart guide to setup OneSignal Email configuration, then return back to this page.

Next, add the DNS records to the DNS provider.

Add the CNAME Records

In Cloudflare, navigate to DNS > Records.

  • Select the Type "CNAME".
  • Copy/Paste the hostname shown in OneSignal to the "Name" field in the DNS provider.
  • Copy/Paste the Value in OneSignal to the "Target" in the CNAME record and turn off Proxy Status to DNS only.

Add the MX Records

  • Select Type "MX".
  • Copy/Paste the Hostname from OneSignal into the "Name" Field for the MX record.
  • Copy/Paste the Value from OneSignal into the MX server field.
  • Set TTL to Auto and Priority to 10, then click "Save".

Add the Remaining Records

Continue the process to add the remaining DNS records. After adding all DNS records to your Domain Provider, check OneSignal to see if the records have been verified.

Check DNS Record Verification

Go back to the Email Configuration and click "Check Records" You'll see green check marks when a record has been verified and a prompt that your DNS records have been authenticated.

Configure DMARC for Your Subdomain

🚧

Google requires that your domain has DMARC authentication set up to ensure email security for bulk sending. Please take the necessary steps to implement DMARC for your domain. Email Sender Guidelines

Setting up DMARC (Domain-based Message Authentication, Reporting, and Conformance) for your subdomain enhances email security and protects your organization's reputation.

Implementing DMARC establishes an email authentication framework that prevents email spoofing and phishing attacks by allowing you to specify which email servers are authorized to send emails on behalf of your subdomain.

Setting up DMARC for your subdomain is a proactive measure to improve email security, build trust with your audience, and maintain your brand's integrity. See our What Is DNS Authentication to learn more.

Set the DMARC Policy Setting

In DMARC (Domain-based Message Authentication, Reporting, and Conformance), the "p" (policy) tag is used to specify how email receivers should handle messages that fail DMARC authentication. The "p" tag can have various values to set different policies. Here's how you can set the "p" tag:

p=none" (Monitoring Mode):

This is the most permissive option. It instructs email receivers to not take any action against email messages that fail DMARC authentication.
It is commonly used when initially implementing DMARC to gather reports on email authentication failures without impacting email delivery.

"p=quarantine" (Quarantine Mode):

In this mode, email receivers may choose to treat emails that fail DMARC authentication as suspicious. Some receivers may quarantine these emails, which means they might be delivered to the recipient's spam or quarantine folder.
It is a middle-ground option, providing some protection against phishing and spoofing while allowing for email delivery.

"p=reject" (Reject Mode):

This is the strictest policy setting. Email receivers should reject or discard email messages that fail DMARC authentication, preventing them from reaching the recipient's inbox.
It provides the highest level of protection against phishing and email spoofing but should be used with caution to avoid blocking legitimate emails.

DMARC Setup

In the example, we will be setting the DMARC policy to p=none. You will have the option to change/update the DMARC record to follow a more secure policy.

  • Add a new record.

  • Set the record type to TXT.

  • Add _dmarc.yourdomain.com to the "name" field.

  • Set TTL to Auto.

  • Add the following value within the content field but replace the domains with your own.

      v=DMARC1; p=none;
    
  • Click "Save" on the record.

**Copy the TXT record Hostname and Value from the Verify DNS page

Add a new record and select type TXT and paste the Hostnameand Value from the Verify DNS page

You're DMARC should be set up and can be checked with a tool like MXtoolbox.

πŸ‘

Done! Continue to Email Quickstart.

Next steps are to setup your default sender settings, import emails, and verify your account.

See the next steps in the OneSignal Email Quickstart to finish the setup.