Last Updated: 24th July, 2022
Let’s discuss on How To Setup SendGrid and Whitelabel Domain Sender Authentication so that you can send emails directly from your own domain name email accounts without worrying that your emails are going to the inbox and NOT in the spam! Also in this article, I will show how to setup Domain “Sender Authentication (formerly Whitelabel)” for your emails, i.e. when you send your email it shows or uses a delivering media or in simple language just like a postman who drops your mails in your post box. And all these for Free! So let’s start!
Before we dig further into the setup process let me tell you why we need to send emails using 3rd party SMTP while we can simply create email accounts from our website’s cPanel and send emails directly. Trust me your emails are simply going to the spam box and no one is getting what you are sending. This happens because of certain factors which depend on the default certificates installed by the server of our hosting provider. This is not very uncommon, as almost 85-90% hosting providers provides free certificates which are not at per QuCAN-SPAM Act of 2003. It’s not just you or me but every big organization and companies use 3rd party SMTP service as shown in the above picture, a newsletter from Yoast SEO.
The Controlling the Assault of Non-Solicited Pornography And Marketing (CAN-SPAM) Act of 2003, signed into law by the then US President, George W. Bush on December 16, 2003, which established the United States’ first national standards for the sending of commercial e-mail and requires the Federal Trade Commission (FTC) to enforce its provisions. This is to combat spam, many online entities use spam filters that target and remove emails that, at the very least, meet those legal criteria.
Why Email’s from My Server Marked as Spam?
As the technology and methods for combating spam become more and more advanced, so must the measures being taken to avoid having an email sent from your server or domain also marked as spam. Free email providers such as Yahoo, Gmail, and Hotmail have specific requirements for mail servers attempting to send to them for the mail to avoid being sent to a Junk Mail folder, as well as most major Internet Service Providers.
Below are some essential settings which can be put in place to decrease the chances of mail originating from your server marked as spam.
Sender Policy Framework Record
The Sender Policy Framework (or ‘SPF Record’) record is a DNS text record which explicitly defines that which mail servers are allowed to send email for a specific domain name. Now SPF records are very easy to create and can solve a number of issues regarding sending an email.
These SPF records are one of the first things that the incoming mail servers check to make it definite the server sending the outgoing message is authorized to send it. The records can be easily edited and refined to reflect multiple servers and IP addresses which are allowed to send emails.
DomainKeys Identified Mail
DomainKeys Identified Mail (DKIM) is a protocol which allows an organization to take responsibility for transmitting a message or email in a way that can be verified by mailbox providers. This process of verification is made possible through Cryptographic Authentication.
Domain-based Message Authentication, Reporting and Conformance
DMARC (Domain-based Message Authentication, Reporting & Conformance) is the latest and greatest advance in email authentication technology. But, like SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail), it’s sometimes misinterpret.
In simple language, DMARC ensures that all legitimate email is properly authenticating against established DKIM and SPF standards and that fraudulent activity appearing to come from domains under the organization’s control (active sending domains, non-sending domains, and defensively registered domains) is blocked. Two key values of DMARC are domain alignment and reporting.
Reverse DNS and Mail Server Hostname
Every mail server has an IP address associated with it. For example, when you attempt to send an email message via a desktop client application, such as Microsoft Outlook, it will attempt to locate the email domain, which is typically, ‘mail.yourdomain.com’. The user’s computer uses it’s DNS addresses to translate ‘mail.yourdomain.com’ into an IP address, which when user’s computer then connects to and sends the email through. In the same way, when the mail server attempts to send the message out to it’s intended recipient, the receiving server will check to make sure that a DNS lookup for the sending mail server retrieves the proper email domain for the IP address sending the message. This is widely known as a Reverse DNS lookup.
If they mismatch, the email can very easily be marked as spam, as the receiving mail server might think it’s being tricked, as the message appears to be coming from a specific email domain, however, a DNS lookup on the IP address reveals a different domain name.
While having a Reverse DNS entry in place for your mail domain which corresponds to the primary IP address of your server can greatly help in reducing the chance of your messages being marked as spam.
How To Setup SendGrid and Whitelabel Domain Sender Authentication
Ok, so far so good, let’s talk about How To Setup SendGrid for The First Time. For better understanding, I am breaking the setup process in 2 separate parts.
How To Setup SendGrid for The First Time
1. To setup SendGrid simply go to Sendgrid.com/free/ to create your free SendGrid account.
2. Now choose an Username and Password for your account (Remember these credentials will be the same you will need to use for sending mails through SendGrid’s SMTP).
3. After you are done Creating Your Account, you’ll receive a Welcome Mail from SendGrid, and your account is activated. As simple as that!
Now we can move to the second part where we will “Whitelabel” your domain name. Whitelabeling means that you are replacing SendGrid brand name with your own Brand, trust me you will love it because who will want to see a mail from your own domain with a small link telling all people that you are using some 3rd party email SMTP service. Moreover, branding with your domain name creates a bold and positive impact on your customers, visitors and all other people.
How To Setup Whitelabel Domain Sender Authentication
By creating a Whitelabel Domain Sender Authentication allows you to better authenticate the email that you send by removing the “sent via sendgrid.net” message that your recipients see on un-whitelabeled emails. In this way, you have the added benefit of complete control over your sending reputation.
Inbox providers distrust messages which are not properly whitelabeled or doesn’t have Sender Authentication, and you will not be able to begin building a positive reputation until you complete the Sender Authentication process.
To do this:-
(1) Navigate to your SendGrid Dashboard, click Settings in the left hand sidebar, and select Sender Authentication.
(2) Under Sender Authentication, you will see 2 options, i.e. Domain Authentication and Link Branding. We will do both job at once here. Click Domain Authentication – Authenticate Your Domain – Get Started option.
(3) Here we can see that SendGrid is offering to choose the host with whom your site is hosted if you can find your hostname from the dropdown list then simply choose that. But for all user point of view I have shown here and also I choose “I’m Not Sure” option, with which almost any hosting DNS Editor will match. So let’s choose that option and choose Yes for the 2nd option which is for Link Branding.
(4) Next, you need to specify the subdomain that you will use for your new domain whitelabel. Make sure that this subdomain is not used by any of your other sites or services. I recommend checking your current DNS settings with your DNS provider to confirm that the subdomain you would like to use is available. Try to pick a name for this subdomain that represents the type of email you will send using this new domain whitelabel. For example, “mailer“, “no-reply“, “support“, “webmaster” or “billing“. Like I used “mailman” for my domain “mailman.vilabin.com” for all purpose.
You are also recommended to avoid the use of underscores in your subdomain since the DNS records that SendGrid creates are based on your subdomain and many DNS providers will not accept DNS records that include underscores.
(5) Creating a Domain Sender Authentication on a new root domain, add your domain in Domain You Send From, in the Advanced Settings – Use custom return path option enter the name of domain that will show
Signed by, for example i have used
mailman and finally in the Use a custom link subdomain option enter the name of sub-domain you want to use, like here I have used
mailer. Refer to the image below to get the picture clearly.
Please make sure that you only enter the name of your root domain and Do Not include
https://www. in this field!
Your reputation as a sender will always be attributed to the reputation of your root, or top-level, domain. This is by default if you have several different subdomains with their domain whitelabels. For example, both billing.example.com and no-reply.example.com will share the reputation of example.com.
(6) Now here, you are given option whether or not you would like to enable Automated Security for your new domain whitelabel. SendGrid always recommends using automated security since it will allow SendGrid to handle all of the DKIM and SPF signing of your outbound email with CNAME records. This will also allow you to add dedicated IP addresses or upgrade your account without having to make any DNS changes whenever you may want.
(7) Check all the details and click Verify.
(8) Finally to set this new Domain Sender Authentication as your default Whitelabel Domain Sender Authentication, check the box next to Default Whitelabel Domain Sender Authentication. SendGrid will use your default Whitelabel Domain when no other valid Sender Authentication can be found.
If you set Automated Security to ON, SendGrid will generate 3 different CNAME records that you will have to give to your DNS provider.
If you set Automated Security to OFF, you will be provided with 1 MX record and 2 TXT records that you will have to give to your DNS provider. If your DNS provider does not accept underscores in CNAME records, you will have to turn off Automated Security to use MX and TXT records.
Once you have entered your DNS records on your DNS provider’s site (generally in cPanel Zone Editor), navigate back to your SendGrid Dashboard and go to your Sender Authentication settings.
You will now see the verified domains here.
Remember: if one or more of your DNS records fails to validate, you may need to wait longer for them to propagate. In my case, all were done instantly, but it may differ from hosting providers.
That’s all, you’re good to start sending emails from your own domain and stay relaxed that your emails are going to the inbox for sure! Just for testing purpose send some emails to your Gmail, Yahoo and even send some emails to your friends to test that it is working!
One last tip for this article to end with is How to setup your desktop or mobile email applications like Apple Mail, Outlook, or Thunderbird. Simply read and follow this link and be your own boss!
Good news for students! If you have a GitHub Account, you can now enjoy the premium service “Free Package includes all Pro Features”, 15,000 Thousand emails per month!. Test SMTP & Web APIs. Start your Free package today with no credit card required and no expiration! Read more here SendGrid GitHub FREE PACKAGE!
By now we have a clear picture of why emails from our servers go to spam instead of the inbox. We also learned how to setup SendGrid to use their SMTP for sending emails. Now I personally choose SendGrid as it’s widely accepted, easy, fulfills my requirement and their support is great! But there are many other SMTP services who also offer free email services much like SendGrid. With some services, you will get more free emails after the trial period and some will not offer the Domain Whitelabeling Feature. So look for various email services and use which suits your need best. There is another very good 3rd party email service who offers 100 emails per day for free! Whooo…. it’s Pepipost! We will cover a set up guide soon on Pepipost too! But, the choice is always yours.