When you connect a custom email domain to TravelJoy, we automatically configure SPF and DKIM authentication through the DNS records you add during setup. However, DMARC — the policy that ties SPF and DKIM together — is something you'll need to configure yourself.
This guide explains what DMARC is, why it matters, and how to set it up so your emails land in your clients' inboxes.
What TravelJoy Already Handles
When you set up your custom email domain, TravelJoy asks you to add several CNAME records to your DNS. These records handle two critical pieces of email authentication automatically:
- SPF (Sender Policy Framework) — Verifies that TravelJoy's servers are authorized to send email on behalf of your domain. This is handled entirely through the CNAME records — no additional SPF configuration is needed.
- DKIM (DomainKeys Identified Mail) — Adds a cryptographic signature to every email, proving it hasn't been tampered with. The two
_domainkeyCNAME records you added during setup enable this.
You do not need to modify your SPF record or add any additional DNS records for SPF or DKIM. The CNAME records you've already configured take care of both.
What You Need to Do: Add a DMARC Record
DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a DNS record that tells receiving mail servers how to handle emails that fail SPF or DKIM checks. Without a DMARC record, inbox providers like Gmail and Outlook may treat your emails with less trust, which can hurt deliverability.
Step 1: Start with Monitoring Mode
Add the following TXT record to your domain's DNS:
| Type | Name | Value |
|---|---|---|
| TXT | _dmarc.yourdomain.com | v=DMARC1; p=none; rua=mailto:dmarc-reports@yourdomain.com |
Replace yourdomain.com with your actual domain and dmarc-reports@yourdomain.com with an email address where you'd like to receive reports.
What this does:
p=nonetells mail servers to deliver all emails normally, even if authentication fails. This is monitoring-only — it won't affect delivery.rua=mailto:...tells mail servers where to send daily aggregate reports so you can see how your emails are authenticating.
Tip: Raw DMARC reports are XML files that aren't easy to read. Free services like Postmark DMARC Digests, EasyDMARC, or Valimail Monitor can parse them into readable dashboards.
Step 2: Monitor for 2–4 Weeks
Review your DMARC reports and confirm that emails sent through TravelJoy are passing both SPF and DKIM. If you also send email from other providers (Google Workspace, Microsoft 365, etc.), make sure those are passing too before moving to enforcement.
Step 3: Move to Quarantine
Once you're confident everything is passing, update your DMARC record to quarantine emails that fail authentication:
| Type | Name | Value |
|---|---|---|
| TXT | _dmarc.yourdomain.com | _dmarc.yourdomain.com v=DMARC1; p=quarantine; pct=100; rua=mailto:dmarc-reports@yourdomain.com |
This tells mail servers to send failing emails to the spam/junk folder instead of the inbox.
Step 4: Move to Reject (Recommended Final State)
After another few weeks of clean reports, move to full enforcement:
| Type | Name | Value |
|---|---|---|
| TXT | _dmarc.yourdomain.com | _dmarc.yourdomain.com v=DMARC1; p=reject; pct=100; rua=mailto:dmarc-reports@yourdomain.com |
This tells mail servers to block emails that fail authentication entirely. This is the strongest protection against spoofing and phishing using your domain.
Important: Do Not Use Strict Alignment
If you're configuring DMARC yourself or working with an IT team, make sure your DMARC record does not include aspf=s or adkim=s (strict alignment mode).
TravelJoy sends email from an authenticated subdomain (e.g., tj.yourdomain.com) on behalf of your root domain (e.g., yourdomain.com). Under DMARC's default relaxed alignment, this is a valid match. Under strict alignment, it is not, and your emails will fail DMARC checks.
The default alignment mode is relaxed, so if you don't include aspf or adkim in your record at all, you're fine.
Frequently Asked Questions
Do I need to update my SPF record for TravelJoy?
No. The CNAME records from your TravelJoy domain setup already handle SPF through subdomain delegation. You do not need to add anything to your existing SPF record. In fact, adding unnecessary SPF includes could push you past the 10-lookup limit, which would break SPF entirely.
I already have a DMARC record. Do I need to change it?
Probably not. As long as your existing record uses relaxed alignment (the default — no aspf=s or adkim=s), TravelJoy emails will pass DMARC. Check your reports to confirm after connecting your domain.
I use email campaigns in TravelJoy. Do I need to do anything extra?
No. Email campaigns use a separate authenticated subdomain, but it follows the same CNAME-based authentication. A single DMARC record on your root domain covers both transactional and marketing emails.
How long does it take for DNS changes to take effect?
DNS changes can take up to 48 hours to propagate, though most take effect within a few hours. After adding your records, use the "Verify DNS" button on the DNS setup page to trigger an immediate check. TravelJoy also runs a daily automated check to make sure previously verified domains stay valid.
My domain uses HSTS with includeSubDomains. Does that affect anything?
TravelJoy detects this automatically and skips branded link tracking to avoid breaking your HSTS policy. SPF, DKIM, and DMARC are unaffected.
Comments
0 comments
Please sign in to leave a comment.