Email Authentication

Email Authentication

In this digital era email forms a major part of communication in every business or organization. Companies often use different servers or domains other than their server to deliver the message to its recipients. In such cases it's crucial to establish an email policy that can define the rules by which the email can be authenticated from its domain name.

Zoho CRM provides email authentication standards that will allow the organizations to increase the trustworthiness of its email origin when it chooses to send emails from Zoho CRM using their domain. To authenticate your emails sent from Zoho CRM, you need to validate the following authentication standards:

  • Domain Verification
  • DKIM (DomainKeys Identified Mail)
  • SPF (Sender Policy Framework)


Permission Required: Users with the Administrative profile can access email authentication.

Email Authentication-2 domains2 domains5 domains

Email Authentication

Authenticating the email source consists of the following steps:

Step 1. Add your company's domain or subdomain

Adding your company's domains or subdomains is the first step for email authentication. Domain verification helps to ensure that the domain from which the emails are sent is authentic and trustworthy. To facilitate this, you have to add your company's email address and the domains or subdomains in Zoho CRM.

Step 2. Verify the domain details

Once you add the domain, a verification code is generated and sent to the email address that should be entered to verify the domain details. The verification email is valid for 15 days, in case you do not receive an email or you have exhausted the validity period, you can use the Resend Mail link.

Step 3. Validate the records

Once the domain and subdomains details are verified, you can select either of the two email authentication standards to validate the email source:

DKIM - DKIM is used to ensure that the message has not been altered in transmission. It uses public key encryption to authenticate the email messages.See Also DKIM Configuration

SPF - This authentication standard allows sending domains to define which IP addresses are allowed to deliver email messages on behalf of the domain. See Also SPF Configuration


Another authentication standard that the sending domains use to block fraudulent emails is DMARC (Domain-Based Message Authentication, Reporting, and Conformance). It is built as a combination of the DKIM and SPF standards with additional features like reporting, policy definition, and the notion of identity alignment. A domain needs to pass both SPF and DKIM to satisfy the DMARC regulation. 

Add Your Company's Domain

To add your company's domain

  1. Go to Setup > Channels > Email > Email Authentication.
  2. In the EmailAuthentication page, click Add Domain.
  3. In the Add Domain page, enter the Email Address.
  4. Click Add Domain.

Verify the Domain Details

To verify the domain and subdomain details

  1. Go to the Domain and click Enter Code.
  2. In the Verify Domain popup, enter the Verification code.
  3. Click Verify.

Validate the Records

To validate the records

  1. Go to the Domain and click Validate Records.
  2. In the Authenticate Domain popup, copy the SPF or DKIM record code.
  3. Paste the code in your DNS settings.
  4. Click Validate Record, once the code is added. 

Share this post : FacebookTwitter

Still can't find what you're looking for?

Write to us: