System Email Authentication
Spektrix sends email messages on behalf of its clients. These emails are related to sales or account changes, rather than marketing emails which are handled by a third party provider DotDigital. This includes but is not limited to:
- Order Confirmation Emails
- Print at Home Ticket Emails
- Password Reset Emails
- Membership Renewal Notification Emails
- Scheduled Reports Emails
- Scheduled Customer Lists Emails
Our clients are able to tell their Spektrix system to impersonate their own domain for sending these emails, or to use a ‘fallback domain’. For example if a client's domain is venue.com, then they can choose to let Spektix send emails using venue.com, or use the fallback domain boxoffice-email.com. If a client wants to let Spektrix impersonate their own domain or subdomain to send system emails, then some authentication is required. If using the fallback domain, then no additional setup is required.
Domain Authentication
Spektrix needs to be allowed to impersonate client domains using two forms of authentication. These are SPF and DKIM (Domain Key Identified Mail), both of which are TXT records added to the DNS for the domain from which the client wants to send system mail. These two pieces of authentication are used to tell Email Service Providers that email sent by Spektrix that impersonates client domains is legitimate and can be trusted. Without these two pieces of authentication in place, then the fallback domain will be used by default.
To read more about DKIM click here.
Setting up DKIM & SPF
To set up SPF for Spektrix simply add the following statement to an existing SPF record:
include: eu.mailgun.org (for clients in the UK, Ireland and Canada)
include: mailgun.org (for clients in the USA)
To set up DKIM, or Domain Key Identified Mail please contact Spektrix Support to confirm which sending domain you would like to use. Our Support Team will assist you with generating a Domain Key.
Please note that our Domain Keys are generated in 2048-bit.
Best Practices
Sending Subdomain
We highly recommend that clients set up a subdomain to send their system mail from, and add the appropriate SPF and DKIM TXT records against that subdomain rather than their root domain. This is so that, in the unlikely event of an ISP complaint being made as a result of any email being sent, only the subdomain is impacted and your root domain is protected.
For example, this could be: boxoffice.venue.com, rather than just venue.com.
Please let our support team know if you choose to use a subdomain. Please note that it is not recommended to use the same subdomain as is used for any Custom Domain integrations with Spektrix.
Email Logging
Spektrix is able to log email messages sent from the system, and track opens, clicks and receipt. Whilst clients do not have access to this logging, it is very important to help our Support Team troubleshoot any issues that might arise. In order to benefit from this, you can create the subdomain:
email.[sendingdomain]
For example, if your sending domain is venue.com, then you should create email.venue.com. If your sending domain already has a subdomain for sending mail, such as boxoffice.venue.com, then you should create email.boxoffice.venue.com.
Once you’ve created the appropriate domain, add the following CNAME:
eu.mailgun.org (for clients in the UK, Ireland and Canada)
mailgun.org (for clients in the USA)
This will allow us to log any emails that Spektrix sends on a client's behalf.
Reply To Address
If a client’s system email is sent from an address that does not have a mailbox or where the mailbox is not monitored, then it’s possible to set up a Reply To address to direct any replies to a monitored mailbox. To do so, please contact Spektrix Support.
DMARC
If a client is using DMARC or Domain-based Authentication, Reporting and Conformance then it may not be possible for them to use a fallback domain.
If DMARC is in place then using the fallback domain will have the following effects depending on which policies are set up.
p=none means that the fallback domain will still deliver mail as expected, but the DMARC report recipient may receive additional reports.
p=quarantine means that emails will be sent by the fallback domain but will be directed to spam folders and the DMARC report recipient will receive additional reports to this effect.
p=reject means that the emails will be sent by the fallback domain but won’t be received by the recipient at all and the DMARC report recipient will receive additional reports to this effect.
If a client has DMARC quarantine or reject policy then SPF and DKIM must be used otherwise Spektrix will not be able to reliably send emails on their behalf using a fallback domain or the client’s domain.