Summary
Configuring self-hosted DNS for SFMC migration with multiple IPs requires a multifaceted approach encompassing proper DNS record management (SPF, DKIM, DMARC), strategic IP warm-up, business unit configuration, and continuous deliverability monitoring. It involves understanding DNS records, ensuring accurate SPF records, carefully managing multiple business units, gradually warming up new IPs, implementing DMARC policies, and adhering to SPF record syntax standards. Maintaining existing IPs during migration, using SAP, carefully setting up the dns zone file that Salesforce provides, and implementing all recommended deliverability best practices will result in a smooth migration.
Key findings
- DNS Record Management: Properly configure SPF, DKIM, and DMARC records to authenticate email sends and prevent domain spoofing.
- IP Warm-up Strategy: Implement a phased IP warm-up to establish a positive sending reputation.
- Business Unit Configuration: Carefully manage multiple business units to separate brands and sending reputations.
- Deliverability Monitoring: Continuously monitor key deliverability metrics to identify and address issues promptly.
- Sender Authentication Packages (SAP): Leverage Sender Authentication Packages (SAP) to authenticate email sends and improve deliverability.
- Record accuracy: Maintain accurate SPF records, and update if needed.
Key considerations
- Maintaining Existing IPs: Maintaining Existing IPs to reduce the reputation lost on the migration.
- Salesforce Support: Consider the level of support for self-hosted DNS configurations.
- Overlapping Private Domains: Be aware of potential conflicts, especially regarding overlapping private domains, and take steps to resolve them.
- Mistake Prevention: Validate DNS records using online tools to minimize authentication failures.
- SFMC DNS Zone File: When adding a second dedicated IP, Salesforce provides a DNS zone file, ensure that this does not conflict with existing setups.
- Feedback Loops: Implement feedback loops, spam trap hits, and blocklist status to find reputation issues.
What email marketers say
8 marketer opinions
Migrating to a new Salesforce Marketing Cloud (SFMC) instance with self-hosted DNS and multiple IPs requires careful planning and execution to avoid deliverability issues. Key steps include maintaining accurate DNS records (SPF, DKIM, DMARC), gradually warming up new IPs, separating transactional and marketing email streams, closely monitoring deliverability metrics, and regularly cleaning email lists.
Key opinions
- DNS Configuration: Properly configure SPF, DKIM, and DMARC records, ensuring all sending sources are included and accurately formatted to prevent authentication failures.
- IP Warm-up: Gradually warm up new IPs to establish a sending reputation with mailbox providers, avoiding sudden volume spikes that can trigger deliverability issues.
- Email Segmentation: Separate transactional and marketing email streams onto distinct IPs to isolate reputation issues and maintain deliverability for critical communications.
- Deliverability Monitoring: Monitor key deliverability metrics such as bounce rates, complaint rates, and blocklist status to identify and promptly address any problems affecting email delivery.
- List Hygiene: Regularly clean email lists by removing inactive or invalid addresses to reduce bounce rates and improve sender reputation.
Key considerations
- Overlapping Domains: Be aware of potential conflicts with existing setups, especially regarding overlapping private domains, and take steps to resolve them.
- Tool Usage: Use monitoring tools like Google Postmaster Tools to assess the status of email deliverability after migration.
- Mistake Prevention: Validate DNS records using online tools to minimize the chance of authentication failures due to incorrect configuration.
- SPF Record Accuracy: Make sure your SPF records include all sending sources.
Marketer view
Email marketer from SendGrid Blog advises monitoring key deliverability metrics like bounce rates, complaint rates, and blocklist status to identify and resolve issues impacting email delivery. Regular monitoring helps maintain a positive sending reputation.
2 Jul 2021 - SendGrid
Marketer view
Email marketer from EmailGeeks forum recommends warming up new IPs gradually to establish a sending reputation. Separating transactional and marketing emails onto distinct IPs helps maintain deliverability by isolating reputation issues.
3 Feb 2025 - EmailGeeks
What the experts say
5 expert opinions
Configuring self-hosted DNS for SFMC migration with multiple IPs requires adding necessary DNS entries without deleting existing ones, understanding DNS record types, ensuring accurate SPF records, and closely monitoring sending reputation post-migration.
Key opinions
- DNS Entries: One additional DNS entry may be needed for mta2. It is important not to delete or replace any existing DNS entries during the configuration process.
- DNS Record Types: Understanding DNS record types (A, MX, CNAME, TXT) is crucial for correct email routing and sender authentication.
- SPF Record Accuracy: SPF records must include all authorized sending sources (IP addresses and domains) and should be maintained and updated, particularly after a migration.
- Reputation Monitoring: Monitoring sending reputation using feedback loops, spam trap hits, and blocklist status is essential to promptly address any deliverability issues.
Key considerations
- Salesforce Support: Consider providing feedback to Salesforce regarding the level of support for self-hosted DNS configurations.
- Thorough Testing: Implementing thorough testing is imperative to ensure that the migration and configuration are functioning as expected.
Expert view
Expert from Email Geeks explains that one additional DNS entry to add for mta2. Do not delete or replace any existing DNS.
26 Oct 2022 - Email Geeks
Expert view
Expert from Spam Resource explains that understanding different DNS record types, such as A, MX, CNAME, TXT (used for SPF and DKIM), is crucial for configuring DNS settings. Proper configuration of these records helps route email correctly and authenticate the sender's identity.
16 Dec 2022 - Spam Resource
What the documentation says
6 technical articles
Configuring self-hosted DNS for SFMC migration involves leveraging Sender Authentication Packages (SAP), properly configuring DNS records (SPF, DKIM, Sender ID), managing multiple business units, employing phased IP warm-up, implementing DMARC policies, and adhering to SPF record syntax standards.
Key findings
- Sender Authentication Packages (SAP): SAP provides domains and IPs to authenticate email sends, improving deliverability by aligning 'From' addresses with sending infrastructure and setting up dedicated domains for branding and authentication.
- DNS Records: Proper DNS record configuration (SPF, DKIM, Sender ID) is crucial for identifying emails as originating from authorized domains, preventing deliverability issues.
- Multiple Business Units: Configuring multiple business units (BUs) within SFMC allows for separating brands and sending reputations, but requires careful planning to avoid conflicts.
- IP Warm-up: A phased approach to IP warm-up is recommended to allow mailbox providers to learn sending patterns and recognize legitimate traffic, which prevents deliverability problems.
- DMARC Policies: DMARC policies instruct receiving mail servers on how to handle emails that fail SPF and DKIM checks, preventing domain spoofing and improving email security.
- SPF Record Syntax: Adhering to correct SPF record syntax and best practices ensures that SPF records are properly interpreted, preventing deliverability issues.
Key considerations
- Careful Planning: Implementing changes with careful planning allows the set up to work without issues.
- Avoiding Conflicts: Avoiding conflicts between business units and the set up is crucial to avoid delivery issues.
Technical article
Documentation from Salesforce Help explains that SAP provides a collection of domains and IPs to authenticate email sends, improving deliverability by aligning 'From' addresses with sending infrastructure. It involves setting up dedicated domains for branding and authentication.
4 Nov 2024 - Salesforce Help
Technical article
Documentation from Salesforce Help describes how to configure and manage multiple business units within SFMC, allowing for separation of brands and sending reputations. Each BU can have its own IP address and domain configurations, which requires careful planning to prevent conflicts.
19 May 2025 - Salesforce Help
Can I use DMARC with shared IP addresses?
How can I optimize my SPF record to stay within the lookup limit when using multiple email sending services?
How do I configure DNS records to send emails from two different ESPs using the same subdomain?
How do I configure reverse DNS (rDNS) with multiple IP addresses for email sending?
How do I properly set up SPF and DKIM records for email marketing, including handling multiple SPF records, IP ranges, bounce capturing, and Google Postmaster Tools verification?
How do I set up an SPF record when using multiple email sending services?
