How To Setup SendGrid and Whitelabel Domain Sender Authentication

How To Setup SendGrid and Whitelabel Domain Sender Authentication

Last Updated: 24th July, 2022

Let’s discuss on How To Setup SendGrid and Whitelabel Domain Sender Authentication so that you can send emails directly from your own domain name email accounts without worrying that your emails are going to the inbox and NOT in the spam! Also in this article, I will show how to setup Domain “Sender Authentication (formerly Whitelabel)” for your emails, i.e. when you send your email it shows or uses a delivering media or in simple language just like a postman who drops your mails in your post box. And all these for Free! So let’s start!

SendGrid vs Others

Note: As of April, 2018 SendGrid has migrated to “Sender Authentication“, from formerly known as Whitelable domain. According to Lindsey Weinig, “SendGrid’s new sender authentication is intuitive and approachable, simplifying the highly complex best practice necessary for improved email deliverability.”

Before we dig further into the setup process let me tell you why we need to send emails using 3rd party SMTP while we can simply create email accounts from our website’s cPanel and send emails directly. Trust me your emails are simply going to the spam box and no one is getting what you are sending. This happens because of certain factors which depend on the default certificates installed by the server of our hosting provider. This is not very uncommon, as almost 85-90% hosting providers provides free certificates which are not at per QuCAN-SPAM Act of 2003. It’s not just you or me but every big organization and companies use 3rd party SMTP service as shown in the above picture, a newsletter from Yoast SEO.

The Controlling the Assault of Non-Solicited Pornography And Marketing (CAN-SPAM) Act of 2003, signed into law by the then US President, George W. Bush on December 16, 2003, which established the United States’ first national standards for the sending of commercial e-mail and requires the Federal Trade Commission (FTC) to enforce its provisions. This is to combat spam, many online entities use spam filters that target and remove emails that, at the very least, meet those legal criteria.


Facial Recognition: Transit Facts From Then And Now

Why Email’s from My Server Marked as Spam?

As the technology and methods for combating spam become more and more advanced, so must the measures being taken to avoid having an email sent from your server or domain also marked as spam. Free email providers such as Yahoo, Gmail, and Hotmail have specific requirements for mail servers attempting to send to them for the mail to avoid being sent to a Junk Mail folder, as well as most major Internet Service Providers.

Below are some essential settings which can be put in place to decrease the chances of mail originating from your server marked as spam.

Sender Policy Framework Record

The Sender Policy Framework (or ‘SPF Record’) record is a DNS text record which explicitly defines that which mail servers are allowed to send email for a specific domain name. Now SPF records are very easy to create and can solve a number of issues regarding sending an email.

These SPF records are one of the first things that the incoming mail servers check to make it definite the server sending the outgoing message is authorized to send it. The records can be easily edited and refined to reflect multiple servers and IP addresses which are allowed to send emails.

DomainKeys Identified Mail

DomainKeys Identified Mail (DKIM) is a protocol which allows an organization to take responsibility for transmitting a message or email in a way that can be verified by mailbox providers. This process of verification is made possible through Cryptographic Authentication.

Domain-based Message Authentication, Reporting and Conformance

DMARC (Domain-based Message Authentication, Reporting & Conformance) is the latest and greatest advance in email authentication technology. But, like SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail), it’s sometimes misinterpret.

In simple language, DMARC ensures that all legitimate email is properly authenticating against established DKIM and SPF standards and that fraudulent activity appearing to come from domains under the organization’s control (active sending domains, non-sending domains, and defensively registered domains) is blocked. Two key values of DMARC are domain alignment and reporting.

Reverse DNS and Mail Server Hostname

Every mail server has an IP address associated with it. For example, when you attempt to send an email message via a desktop client application, such as Microsoft Outlook, it will attempt to locate the email domain, which is typically, ‘’. The user’s computer uses it’s DNS addresses to translate ‘’ into an IP address, which when user’s computer then connects to and sends the email through. In the same way, when the mail server attempts to send the message out to it’s intended recipient, the receiving server will check to make sure that a DNS lookup for the sending mail server retrieves the proper email domain for the IP address sending the message. This is widely known as a Reverse DNS lookup.

If they mismatch, the email can very easily be marked as spam, as the receiving mail server might think it’s being tricked, as the message appears to be coming from a specific email domain, however, a DNS lookup on the IP address reveals a different domain name.

While having a Reverse DNS entry in place for your mail domain which corresponds to the primary IP address of your server can greatly help in reducing the chance of your messages being marked as spam.


14 Best WordPress Page Builder Plugin That Cut Out Coding 2021

How To Setup SendGrid and Whitelabel Domain Sender Authentication

Ok, so far so good, let’s talk about How To Setup SendGrid for The First Time. For better understanding, I am breaking the setup process in 2 separate parts.

  1. How To Setup SendGrid for The First Time
  2. How To Setup Whitelabel Domain Sender Authentication
How To Setup SendGrid for The First Time

1. To setup SendGrid simply go to to create your free SendGrid account.

SendGrid SignUp Page

Note: Send up to 40,000 emails for 30 day trial basis, then you can send 100 emails/day free forever also you don’t need a Credit Card!

2. Now choose an Username and Password for your account (Remember these credentials will be the same you will need to use for sending mails through SendGrid’s SMTP).

SendGrid Signup Form

3. After you are done Creating Your Account, you’ll receive a Welcome Mail from SendGrid, and your account is activated. As simple as that!

SendGrid Welcome Mail

Now we can move to the second part where we will “Whitelabel” your domain name. Whitelabeling means that you are replacing SendGrid brand name with your own Brand, trust me you will love it because who will want to see a mail from your own domain with a small link telling all people that you are using some 3rd party email SMTP service. Moreover, branding with your domain name creates a bold and positive impact on your customers, visitors and all other people.

How To Setup Whitelabel Domain Sender Authentication

By creating a Whitelabel Domain Sender Authentication allows you to better authenticate the email that you send by removing the “sent via” message that your recipients see on un-whitelabeled emails. In this way, you have the added benefit of complete control over your sending reputation.

Inbox providers distrust messages which are not properly whitelabeled or doesn’t have Sender Authentication, and you will not be able to begin building a positive reputation until you complete the Sender Authentication process.

To do this:-

(1) Navigate to your SendGrid Dashboard, click Settings in the left hand sidebar, and select Sender Authentication.

SendGrid 1

(2) Under Sender Authentication, you will see 2 options, i.e. Domain Authentication and Link Branding. We will do both job at once here. Click Domain Authentication – Authenticate Your Domain – Get Started option.

SendGrid 2

(3) Here we can see that SendGrid is offering to choose the host with whom your site is hosted if you can find your hostname from the dropdown list then simply choose that. But for all user point of view I have shown here and also I choose “I’m Not Sure” option, with which almost any hosting DNS Editor will match. So let’s choose that option and choose Yes for the 2nd option which is for Link Branding.

SendGrid 3

(4) Next, you need to specify the subdomain that you will use for your new domain whitelabel. Make sure that this subdomain is not used by any of your other sites or services. I recommend checking your current DNS settings with your DNS provider to confirm that the subdomain you would like to use is available. Try to pick a name for this subdomain that represents the type of email you will send using this new domain whitelabel. For example, “mailer“, “no-reply“, “support“, “webmaster” or “billing“. Like I used “mailman” for my domain “” for all purpose.

Note: Remember you DO NOT have to create any sub-domain in cPanel for this procedure, simply pick any name that you can match with your main domain and DO NOT USE, as “mail” is there by default in your cPanel DNS while your Website Control Panel was created”.

You are also recommended to avoid the use of underscores in your subdomain since the DNS records that SendGrid creates are based on your subdomain and many DNS providers will not accept DNS records that include underscores.

(5) Creating a Domain Sender Authentication on a new root domain, add your domain in Domain You Send From, in the Advanced Settings – Use custom return path option enter the name of domain that will show Signed by, for example i have used mailman and finally in the Use a custom link subdomain option enter the name of sub-domain you want to use, like here I have used mailer. Refer to the image below to get the picture clearly.

Please make sure that you only enter the name of your root domain and Do Not include www. or https://www. in this field!

SendGrid 4

Your reputation as a sender will always be attributed to the reputation of your root, or top-level, domain. This is by default if you have several different subdomains with their domain whitelabels. For example, both and will share the reputation of

(6) Now here, you are given option whether or not you would like to enable Automated Security for your new domain whitelabel. SendGrid always recommends using automated security since it will allow SendGrid to handle all of the DKIM and SPF signing of your outbound email with CNAME records. This will also allow you to add dedicated IP addresses or upgrade your account without having to make any DNS changes whenever you may want.

SendGrid 5

(7) Check all the details and click Verify.

SendGrid final

(8) Finally to set this new Domain Sender Authentication as your default Whitelabel Domain Sender Authentication, check the box next to Default Whitelabel Domain Sender Authentication. SendGrid will use your default Whitelabel Domain when no other valid Sender Authentication can be found.

If you set Automated Security to ON, SendGrid will generate 3 different CNAME records that you will have to give to your DNS provider.

If you set Automated Security to OFF, you will be provided with 1 MX record and 2 TXT records that you will have to give to your DNS provider. If your DNS provider does not accept underscores in CNAME records, you will have to turn off Automated Security to use MX and TXT records.


World Wide Web (WWW): Turns 30! Google Observes With An Analog Doodle On 12th March

Once you have entered your DNS records on your DNS provider’s site (generally in cPanel Zone Editor), navigate back to your SendGrid Dashboard and go to your Sender Authentication settings.

You will now see the verified domains here.

SendGrid 6

Remember: if one or more of your DNS records fails to validate, you may need to wait longer for them to propagate. In my case, all were done instantly, but it may differ from hosting providers.

That’s all, you’re good to start sending emails from your own domain and stay relaxed that your emails are going to the inbox for sure! Just for testing purpose send some emails to your Gmail, Yahoo and even send some emails to your friends to test that it is working!

Note: Migrating from legacy Whitelabel: If you set up a whitelabel before 2015, your whitelabel will still work. However, if you need to change or update it, you need to delete it and recreate it as an authenticated domain in SendGrid’s new system. If you do set up a new branded link, make sure to keep the same subdomain for domain authentication, but then use a different one for link branding.

If you set up a whitelabel after 2015, it has been automatically migrated to SendGrid’s new sender authentication system.

One last tip for this article to end with is How to setup your desktop or mobile email applications like Apple Mail, Outlook, or Thunderbird. Simply read and follow this link and be your own boss!

Read More: SendGrid Mail Client List.

Good news for students! If you have a GitHub Account, you can now enjoy the premium service “Free Package includes all Pro Features”, 15,000 Thousand emails per month!. Test SMTP & Web APIs. Start your Free package today with no credit card required and no expiration! Read more here SendGrid GitHub FREE PACKAGE!

By now we have a clear picture of why emails from our servers go to spam instead of the inbox. We also learned how to setup SendGrid to use their SMTP for sending emails. Now I personally choose SendGrid as it’s widely accepted, easy, fulfills my requirement and their support is great! But there are many other SMTP services who also offer free email services much like SendGrid. With some services, you will get more free emails after the trial period and some will not offer the Domain Whitelabeling Feature. So look for various email services and use which suits your need best. There is another very good 3rd party email service who offers 100 emails per day for free! Whooo…. it’s Pepipost! We will cover a set up guide soon on Pepipost too! But, the choice is always yours.

Previous Post
How To Install Let’s Encrypt SSL Certificate Manually In cPanel
Next Post
Web Application Maintenance – Building Genuine Resolution

Related Posts

8 Comments. Leave new

  • Thanks for the Guide. However, you can also mention that student can get a premium account of Sendgrid for free through GitHub Education. It gives 500 emails per day.

    • Rahul Mukherjee
      April 28, 2018 6:39 PM

      Hi Ankit,

      Thanks for liking the article and I have mentioned the SendGrid GitHub offer for the students as you informed me. Thanks for the information, hope you visit again!

  • Good information. One thing though – ‘setup’ is a noun and ‘set up’ is the verb you want to use.

    • Rahul Mukherjee
      June 21, 2018 11:35 AM

      Hey Chris, thanks for your suggestion and it’s correct what you have mentioned. I will surely take care about this in future. But one thing that when it comes to writing the headline most of the examples I have seen using the noun. On a more personal note, I actually check my grammar and everything on the latest articles, sometimes, I go through many prestigious websites, the amount of grammatical mistakes says who cares! But I will surely take care of it. Thanks again!

  • Aqib Hussain
    July 4, 2018 10:43 PM

    Whitelabel option is still available on SendGrid and also sender authentication option is available there now i am confused. Should i configure with both options.

    • Rahul Mukherjee
      July 4, 2018 11:01 PM

      Hello Aqib,

      Both are same….they will be moving to sender authentication in future permanently, like you know how google do when changing interfaces, they make people used to it then change completely after a while, gmail is going through the same thing. Now, those who have a white label domain from previous time they don’t need to do anything. it will automatically shift. The new users have to go to settings for sender authentication….well in brief sold wine in a new bottle game…that’s it! If your domain is already whitelabel then you don’t need to do anything. But if you want to make a new domain whitelabel then you should go through the sender authentication option. All will be ok! let me know if you face any difficulty. Thanks!

  • Ankita Yadav
    May 4, 2019 5:02 PM

    Nice information.


Leave a Reply

Your email address will not be published. Required fields are marked *

Fill out this field
Fill out this field
Please enter a valid email address.
You need to agree with the terms to proceed