> ## Documentation Index
> Fetch the complete documentation index at: https://help.retainful.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Sending domains

> Verify your own domain with DKIM, SPF, DMARC, and return-path records so your emails reach the inbox.

A sending domain lets Retainful send email **as you** — from `hello@mystore.com` instead of a shared address. Mailbox providers like Gmail and Yahoo now effectively require this authentication for bulk senders, and it's the single biggest deliverability upgrade you can make.

## What the DNS records do

You don't need to understand these deeply — but here's what each record proves:

| Record          | What it proves                                                                                                     |
| --------------- | ------------------------------------------------------------------------------------------------------------------ |
| **DKIM**        | The email genuinely came from your domain and wasn't altered in transit (a cryptographic signature).               |
| **SPF**         | Retainful's mail servers are allowed to send for your domain.                                                      |
| **DMARC**       | Tells receivers what to do with mail that fails the checks — and that you take authentication seriously.           |
| **Return-path** | Bounces come back to Retainful so invalid addresses get [suppressed](/audience/suppressed-contacts) automatically. |

## Add and verify your domain

<Steps>
  <Step title="Add the domain">
    Go to **Settings → Email → Domains** and click **Add domain**. Enter the domain you send from — typically your store's domain, like `mystore.com`.
  </Step>

  <Step title="Copy the DNS records">
    Retainful displays the exact records to create — each with a **type** (TXT or CNAME), a **host/name**, and a **value**. The records are split into sending and receiving sections; you need all of them.
  </Step>

  <Step title="Add them at your DNS provider">
    Log in to wherever your domain's DNS lives — Cloudflare, GoDaddy, Namecheap, your registrar — and create each record. Copy-paste the values exactly; a single missing character fails verification.
  </Step>

  <Step title="Verify">
    Back in Retainful, click **Verify** for each record. Verification re-checks DNS, so you can retry as often as you like.
  </Step>
</Steps>

<Note>
  DNS changes can take minutes to a few hours to propagate worldwide. If verification fails right after you added the records, wait an hour and try again before changing anything.
</Note>

## Common DNS pitfalls

<AccordionGroup>
  <Accordion title="My provider auto-appends the domain to the host name">
    Some DNS providers add `.mystore.com` to whatever you enter. If Retainful asks for host `rtnf._domainkey.mystore.com`, you may need to enter just `rtnf._domainkey`. If verification fails, check the record with a DNS lookup tool to see what actually got created.
  </Accordion>

  <Accordion title="Cloudflare proxy is on for a CNAME">
    CNAME records used for email must be **DNS only** (gray cloud), not proxied (orange cloud). Toggle the proxy off for those records.
  </Accordion>

  <Accordion title="I already have an SPF record">
    A domain can only have **one** SPF record. Don't add a second — merge Retainful's include into your existing record (for example `v=spf1 include:existing.com include:mailgun.org ~all`).
  </Accordion>

  <Accordion title="Verification still fails after 24 hours">
    Compare each record character by character — trailing spaces and smart quotes from copy-paste are the usual culprits. Make sure the records are on the exact domain you added (not `www.`).
  </Accordion>
</AccordionGroup>

## After verification

Add the addresses you'll send from on that domain under **Settings → Email → From Addresses** — see [Sender addresses](/email-setup/sender-addresses). Then send yourself a test campaign and check it lands in the inbox, not spam.
