How to set up email subdomains and what DNS records are required?

Key findings

1. Reputation isolation: Subdomains allow you to isolate the sending reputation of different email streams. If one stream (e.g., marketing emails) experiences deliverability issues, it won't negatively impact the reputation of other critical streams (e.g., transactional emails) sent from a separate subdomain.
2. DNS records are essential: Proper configuration of DNS records like SPF, DKIM, and DMARC is fundamental for email authentication and preventing your emails from being flagged as spam or rejected. An SPF record on a subdomain is generally required, while DKIM and DMARC records also play crucial roles.
3. MX record necessity: While an MX record is primarily for receiving mail, it can also be needed for subdomains used for sending, especially if bounce messages are directed back to the sending subdomain.
4. Domain registrar interface: The setup process largely depends on your domain registrar or DNS hosting provider's interface, but the underlying DNS record types remain consistent.

Key considerations

1. Comprehensive authentication: Ensure that all three key email authentication protocols (SPF, DKIM, DMARC) are properly configured for each sending subdomain to maximize deliverability and trust with receiving mail servers. You can learn more about DMARC, SPF, and DKIM setup.
2. A records for tracking: While not always strictly necessary for email sending, an A record might be required if your email service provider (ESP) uses the subdomain for tracking opens and clicks, pointing to their tracking servers.
3. Variations in ESP requirements: Different ESPs may provide slightly different sets of DNS records (e.g., CNAMEs for DKIM or tracking) specific to their infrastructure. Always refer to your ESP's documentation for precise instructions.
4. M3AAWG guidelines: For best practices and a comprehensive understanding, consult authoritative resources such as the M3AAWG (Messaging, Malware and Mobile Anti-Abuse Working Group) documents on sending domain best practices.

Key opinions

1. Seeking clarity: Many marketers, even those with some technical understanding, look for clear, step-by-step documentation on subdomain setup for specific email streams to ensure they cover all necessary bases.
2. Hosting provider dependency: The ease of setting up a subdomain and managing its DNS records is heavily dependent on the web-hosting provider's interface (e.g., cPanel) and tools.
3. Basic understanding: There's a common (and sometimes mistaken) belief that setting up an A record pointing to a sending IP is the primary or sole requirement for subdomain email sending, indicating a need for broader education on the full suite of necessary DNS records.
4. Reputation is key: Marketers understand the value of using subdomains to protect their main domain's reputation, especially when experimenting with new email strategies or managing different traffic types.

Key considerations

1. Verify DNS requirements: Marketers should always verify the specific DNS records (SPF, DKIM, DMARC, MX, CNAMEs for tracking) required by their chosen email service provider, as these can vary.
2. A records for tracking, not sending: While A records might be used for tracking domains, they are generally not necessary for the actual sending of emails, a common misconception.
3. Utilize cPanel or similar tools: If using a web-hosting provider with a control panel like cPanel, marketers should familiarize themselves with its domain and DNS management sections, as these simplify the record addition process.
4. Understand the impact: Marketers should understand how each DNS record contributes to email authentication and deliverability, ensuring their messages reach the inbox and avoid blacklists (or blocklists). WP Mail SMTP provides a good overview of email subdomains.

Key opinions

1. Beyond A records: Simply setting an A record for a subdomain pointing to an IP is insufficient for email sending. Comprehensive setup requires multiple other DNS entries, as an A record is not even essential for email sending.
2. Minimum record requirements: At a minimum, SPF (TXT), MX, and DKIM (TXT) records are typically needed for a sending subdomain. DMARC (TXT) might also be required, depending on whether it's handled at the organizational domain level or needs explicit subdomain configuration.
3. Additional records for functionality: Other records, such as A records for tracking (e.g., click and open tracking) or TXT records for verification with tools like Google Postmaster Tools, may also be necessary depending on the email setup.
4. Technical documentation is key: While technical, documentation like M3AAWG's sending domain best practices provides the foundational theory and setup guidance needed for correct configuration.

Key considerations

1. DMARC policy placement: Consider whether your DMARC policy for the subdomain should be explicitly defined or if it will inherit from the organizational domain. For best practices, review DMARC record placement for subdomains.
2. Zone file formatting: Understanding how a DNS zone file is formatted can help in accurately adding or modifying records for your subdomain, as improper syntax can lead to validation failures. Dyn's documentation provides details on how to format a zone file.
3. Troubleshooting: If initial setup fails, systematic troubleshooting of each DNS record, confirming correct values and propagation, is necessary. Using DNS lookup tools can help verify that your records are published correctly.
4. Long-term deliverability: Correct DNS configuration for subdomains is a foundational element for maintaining good email deliverability and avoiding blocklists (or blacklists) in the long term.

Key findings

1. M3AAWG recommendations: The M3AAWG provides comprehensive best practices for sending domains, often including detailed guidance on subdomains and their DNS requirements for various email functions, from sending to bounce handling.
2. Zone file structure: Documentation on zone files details how various DNS records (A, MX, TXT, CNAME) are structured and recorded within a domain's DNS settings, which is crucial for manual configuration.
3. Authentication standards: Official RFCs and related documentation define the specifics of SPF, DKIM, and DMARC, including their record types (always TXT) and how they must be published in DNS for successful authentication.
4. Domain registrar instructions: Many domain registrars provide specific instructions on how to add and manage subdomains and their DNS records within their unique control panels.

Key considerations

1. Complete record set: Ensure that for a sending subdomain, you configure not just SPF but also DKIM and DMARC, even if the DMARC policy for the root domain applies, to provide robust authentication. For more details, see what DNS records are needed for email sending subdomains.
2. Propagation time: After adding or modifying DNS records, allow sufficient time for changes to propagate across the internet, typically up to 48 hours, although it often happens much faster.
3. Verification tools: Utilize online DNS lookup tools to verify that your newly added subdomain records are correctly published and visible globally.
4. Avoid common pitfalls: Documentation often warns against common mistakes, such as having multiple SPF records on a single domain or exceeding the 10-lookup limit, which can lead to authentication failures. For more, read about best practices for DNS lookups and SPF records.