Before you can digitally sign your outbound email from Applaud, you must update your domain's Domain Name System (DNS) records so that the Applaud domain key can be located and used to verify signatures. The DNS update creates a redirect to the domain key on the Applaud domain. When an email service provider receives an email with your domain name, the provider looks up the Applaud domain key to verify the email's signature.
Applaud rotates its DKIM encryption keys every quarter as an added security measure. As long as you use the method described below to add domain keys to your DNS record, you won't have to make any changes when the keys are updated. Instead, the lookup locates the current Applaud domain keys automatically.
The UI and terminology might vary depending on your registrar, but the concepts are the same.
Setting up records for your domain can be confusing because most of us rarely do it. Consult your system administrator, if you have one, before proceeding.
- Open and sign in to your domain registrar's control panel. Use the name and password you created when registering the domain name.
- Look for the option to change DNS records. The option might be called, for example, DNS Management, Name Server Management, or Advanced Settings.
- Look for an option to add a TXT record and create a TXT record with these values:
- Host Record (or equivalent):
Where mycompany.com is your external email domain for your Applaud email, for example, "mycompany.com." The domain can have a different top-level domain, such as .net, .org, or .ca.
- Points To (or equivalent):
- Create a second CNAME record with these values:
- Host Record:
Where mycompany.com is your external email domain for your Applaud email.
- Points To:
It takes time for changes to the DNS system to update. Typically, it can take anywhere from a few hours to a day, depending on your Time To Live (TTL) settings in the registrar's control panel.