fbpx

Settings to ensure delivery of email messages sent from your Mira system

Updated 2024-01-30

Google and Yahoo recently announced new sending requirements that will go into effect in February 2024. In order to comply, Mira CRM users will have to update their DKIM records and enact a DMARC policy on any sending domain that might be used. Failure to update your domain’s authentication will result in emails being rejected (not sent) once the change goes live.

Here’s what you need to do:

 

1) Verify the domain

You need to provide us with an email address ending in the domain you need to verify. Your regular work email address probably works good. We will then send you a verification email.

The mail will have a subject Verify your domain for Mandrill and be from Mandrill Client Services <help@mandrill.com>.

You then need to forward that email to support@mira.se. We will then click the activation link. It will not work if you click the link, you need to forward the email to us.

2) DKIM

Create two CNAME records: one with the name mte1._domainkey.yourdomain.com with the value dkim1.mandrillapp.com, and another with the name mte2._domainkey.yourdomain.com and the value dkim2.mandrillapp.com

3) DMARC

Create and save a TXT record in your DNS with a name of _dmarc.yourdomain.com and a value of v=DMARC1; p=none

Replace yourdomain.com with the domain you’re setting up. Some domain hosts automatically add yourdomain.com after the initial value—contact your domain provider for any specifics.

To ensure delivery to internal users, you might also need to

4) Whitelist Mira as a trusted sender in your internal email server.

Contact your IT-department or supplier that manages your domain (the part of your email address after @). Refer them to this document and they should know what to do.

Verify by sending us an email so we can check that everything looks good.

===

Legacy instruction – no longer valid

While you can never be 100% sure that an email message is delivered to a recipient, there are three things you need to do to to ensure delivery of email messages sent through your Mira system. Please contact Mira Live using the chat in you have any questions.

To ensure delivery to external recipients, you need to

1. verify the domain, and
2. configure your DNS-server for the domain(s) you will use as from-email address

Ensuring delivery to external recipients

Email messages from Mira systems are sent through the email service provider Mandrill. Mandrill is a transactional email API from Mailchimp. Mailchimp is one of the largest email marketing and newsletter services. Email from Mira, through Mandrill is always sent from a dedicated IP-range, separate from other Mandrill and MailChimp clients.  When sending email using a Mira-system, the user can select the From-address for the email.  We follow best practices to avoid email sent through Mira to be classified as suspicious. Normally email from Mira have the Sender header set to mnsvc.com, a domain controlled by Mira and that has proper DKIM and SPF-records set. Many email programs will then show in the from field as sent “via” or “on behalf of” mnsvc.com.

To further minimize the risk of email being classified as spam by recipient’s email software, you can add DKIM and SPF records in the DNS for the domain used in the From-header. Most email programs will then no longer show the “via” or “on behalf of” mnsvc.com.  

What are DKIM and SPF?

Basically DKIM and SPF are authentication mechanisms that helps Mandrill to send emails on your behalf through your domain.

DKIM

DKIM is a DNS-based email authentication mechanism that helps Mandrill more effectively send mail on your behalf by allowing receivers to verify that we have permission to send your email. To enable DKIM, create a TXT record for mandrill._domainkey.yourdomain.com (just replace yourdomain.com with the domain you’re setting up) with the following value:

v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrLHiExVd55zd/IQ/J/mRwSRMAocV/hMB3jXwaHH36d9NaVynQFYV8NaWi69c1veUtRzGt7yAioXqLj7Z4TeEUoOLgrKsn8YnckGs9i3B3tVFB+Ch/4mPhXWiNfNdynHWBcPcbJ8kjEQ2U8y78dHZj1YeRXXVvWob2OaKynO8/lQIDAQAB;

Some DNS providers require that semicolons be escaped. If your provider requires escaping, use this value instead:

v=DKIM1\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrLHiExVd55zd/IQ/J/mRwSRMAocV/hMB3jXwaHH36d9NaVynQFYV8NaWi69c1veUtRzGt7yAioXqLj7Z4TeEUoOLgrKsn8YnckGs9i3B3tVFB+Ch/4mPhXWiNfNdynHWBcPcbJ8kjEQ2U8y78dHZj1YeRXXVvWob2OaKynO8/lQIDAQAB\;

SPF

SPF is another DNS-based email authentication mechanism. If you don’t yet have an SPF record, you’ll want to add one for your domain. At a minimum, the value should be the following if you’re only sending mail through Mandrill for that domain:

v=spf1 include:spf.mandrillapp.com ?all

If you already have a TXT record with SPF information, you’ll need to add Mandrill’s servers to that record by adding include:spf.mandrillapp.com in the record (before the last operator, which is usually ?all, ~all, or -all).

Ensuring delivery to internal recipients

In addition to the actions, measures above you might need to whitelist Mira in your internal email system. This is necessary since some email servers do not accept external emails claiming to be from a domain that the server is responsible for to prevent “spoofing” and “phising”. In those cases you need to whitelist or allow “domain impersonation” from Mira.

The exact steps depends of the email server, for Office 365, see Anti-phishing policies – Office 365 | Microsoft Docs. Email messages sent from Mira are sent trough the email server mx.mira.se.

Was this article helpful?

Related Articles