- Print
- PDF
Domain Management
- Print
- PDF
Available in Classic and VPC
Cloud Outbound Mailer allows you to register, manage, and share domains with other users. By registering a domain and authenticating it with Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM), you can prove your sender credentials and prevent others from sending mail using your domain.
Domain Management page
To access the Domain Management menu, on the NAVER Cloud Platform console, click Services > Application Services > Cloud Outbound Mailer > Domain Management in order.
The Domain Management page is laid out as follows:
Field | Description |
---|---|
① Menu name | Name of the menu currently being viewed |
② Basic features | Features displayed when entering the Domain Management menu for the first time
|
③ Post-creation features | Features displayed after a domain list is generated
|
④ List of domains | View the list of registered domains and their information |
View domains
To view the details of a domain, follow these steps:
- On the NAVER Cloud Platform console, click Services > Application Services > Cloud Outbound Mailer in order.
- Click the Domain Management menu.
- Click the desired domain in the domain list to view its details.
- Domain authentication token
- Authentication token: click the [View] button to view the value of the authentication token generated when the domain was registered
- Authentication date: date the domain's DNS ownership was authenticated
- If it is not authenticated, the [Authenticate] button is displayed. Click the [Authenticate] button after registering the authentication token value in the TXT record of the domain DNS
- SPF/DKIM authentication
- SPF record: check the signature value to use SPF authentication and enable or disable SPF authentication
- [View]: view the SPF signature value
- [Enable]/[Disable]: enable or disable SPF authentication
- Authentication date: date the SPF signature value was authenticated
- If it is not authenticated, the [Authenticate] button is displayed. Click the [Authenticate] button after entering the SPF signature value in the TXT record of the domain DNS
- DKIM: check the signature value to use DKIM authentication and enable or disable DKIM authentication
- [View]: view the DKIM signature value
- [Enable]/[Disable]: enable or disable DKIM authentication
- Authentication date: date the DKIM signature value was authenticated
- If it is not authenticated, the [Authenticate] button is displayed. Click the [Authenticate] button after entering DKIM signature value in the TXT record of the domain DNS
- SPF record: check the signature value to use SPF authentication and enable or disable SPF authentication
- Share domain
- Project key: list of account project keys entered as received from the domain sharing requester
- Enter the project key value in the input box and click the [Add] button to share the domain
- Registration date: date the project key value was registered
- Project key: list of account project keys entered as received from the domain sharing requester
- Domain authentication token
Register a domain
Domain registration includes the addition of a TXT record to the domain's DNS to authenticate ownership. To register a domain, follow these steps:
- On the NAVER Cloud Platform console, click Services > Application Services > Cloud Outbound Mailer in order.
- Click the Domain Management menu.
- Click the [Register domain] button.
- When the domain registration pop-up window appears, enter the domain address in Enter domain and click the [Generate authentication token] button.
- When the token value appears in Authentication token, click the [Copy] button.
- You can check the generated authentication token value again in the domain list.
- Click the [Generate Authentication Token] button again to generate a new authentication token value.
- Click the [Register] button.
- Visit your domain provider's website and register the copied authentication token in the TXT record of your DNS.
- Return to the Domain Management menu on the NAVER Cloud Platform console and click your domain in the domain list.
- Click the [Authenticate] button for Authentication date in Domain authentication token.
- It may take some time for the DNS changes to be applied.
- When authentication is successful, the authentication date will be displayed.
- If authentication fails, the DNS lookup and resolution failed, so check the TXT record of your DNS.
Secure domains
You can use authentication to secure your registered domain. You can apply the following types of authentication.
- Sender Policy Framework (SPF) authentication: verifies that mail sender information matches the mail server information registered in DNS to prevent spoofing.
- DomainKeys Identified Mail (DKIM) authentication: adds a digital signature to the mail header to verify that the mail has not been tampered with.
- Domain-based Message Authentication, Reporting, and Conformance (DMARC) authentication: you can choose how to handle mail from domains that fail SPF and DKIM authentication. It works with SPF and DKIM to authenticate mail senders.
If any of your incoming mail addresses are not authenticated with all 3 authentications (SPF, DKIM, and DMARC) for a particular domain, mail to that domain may fail.
SPF authentication
After you successfully complete your domain registration, you can add SPF authentication. To add SPF authentication, follow these steps:
On the NAVER Cloud Platform console, click Services > Application Services > Cloud Outbound Mailer in order.
Click the Domain Management menu.
From the domain list, select the domain for which you want to add SPF authentication.
Under SPF/DKIM authentication, click the [View] button for SPF record and copy the SPF signature value.
Visit your domain provider's website to register the SPF signature value in the TXT record of your DNS.
NoteIf you have previously registered the SPF signature value of another service, check the policy before proceeding.
Return to the Domain Management menu on the NAVER Cloud Platform console and click your domain in the domain list.
Under SPF/DKIM authentication, click the [Authenticate] button for SPF record.
- When authentication is successful, the authentication date will be displayed.
- If authentication fails, the DNS lookup and resolution failed, so check the TXT record of your DNS.
Click the [Enable] button for SPF record.
- The SPF authentication changes to the Enabled status and the [Enable] button changes to [Disable].
Test that it has been applied correctly by sending an email using the domain.
- In the From: field, type the domain that will be used when you send an email.
- After you send the email, open the email in your inbox to check the SPF authentication information.
- NAVER Mail: click > Show original at the top of the email body and check the
Authentication-Results
header in the Show original pop-up window. - Gmail: click > Show original at the top of the email body screen and check the SPF entry on the original email screen.
- For other email services, contact your provider for instructions on how to check SPF.
- NAVER Mail: click > Show original at the top of the email body and check the
If you are using SPF authentication and click the [Disable] button to change it to the Disabled status, it may affect the authentication of the actual outgoing mail.
DKIM authentication
After you successfully complete your domain registration, you can add DKIM authentication. To add DKIM authentication, follow these steps:
- On the NAVER Cloud Platform console, click Services > Application Services > Cloud Outbound Mailer in order.
- Click the Domain Management menu.
- From the domain list, select the domain for which you want to add DKIM authentication.
- Under SPF/DKIM authentication, click the [View] button for DKIM and copy the DKIM signature value.
- Visit your domain provider's website to register the DKIM signature value in the TXT record of your DNS.
- For the DKIM signature value,
mailer._domainkey.
must be entered before the domain.
<example> mailer._domainkey.domain.com - DNS TXT records typically have 255 characters, while the DKIM signature value (public key) for Cloud Outbound Mailer has 392 characters. Because it exceeds the character limit, you must register it as a single entry, but break it up with double quotes as a multiple-line entry.
<example> Cloud Outbound Mailer DKIM signature value (public key) lookup command and resultnslookup -q=txt s20180627._domainkey.email.ncloud.com s20180627._domainkey.email.ncloud.com text = "v=DKIM1\;k=rsa\;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25Dh71cXQ243vpAdU86jFbn14U8+VlWz28m6C7XVs/XLu80mDBksJOYiIpqU+je5XjdPA0AwCHRg+gtiJhoAlVI4mgQQnL7oV7f3IFlFeraHKxukSeVo1q082AeMymv2LHqU967F+P3yggyOSv4T6n29BrG5ODB9V/lnu8Py6ONUaWLX8nLOqJ5EZ" "9f5PPyFIa11u9KIG49+pM6Gp2Wd/F/EYsWGyaGtxZ4gg67D5CLzcqh63M0DwUNJX+qPVdojv33veexQcJw1N+vpa4gQ7U963Zf3kcEaMhcXb3KqXyYLh2CIT3D1c3PUbfWwMlPfL5ADhFLvD342r4skPTUmKQIDAQAB"
- For the DKIM signature value,
- Return to the Domain Management menu on the NAVER Cloud Platform console and click your domain in the domain list.
- Under SPF/DKIM authentication, click the [Authenticate] button for DKIM.
- When authentication is successful, the authentication date will be displayed.
- If authentication fails, the DNS lookup and resolution failed, so check the TXT record of your DNS.
- Click the [Enable] button for DKIM.
- The DKIM authentication changes to the Enabled status and the [Enable] button changes to [Disable].
- Test that it has been applied correctly by sending an email using the domain.
- In the From: field, type the domain that will be used when you send an email.
- After you send the email, open the email in your inbox to check the DKIM authentication information.
- NAVER Mail: click > Show original at the top of the email body and check the
Authentication-Results
header in the Show original pop-up window. - Gmail: click > Show original at the top of the email body screen and check the DKIM entry on the original email screen.
- For other email services, contact your provider for instructions on how to check DKIM.
- NAVER Mail: click > Show original at the top of the email body and check the
If you are using DKIM authentication and click the [Disable] button to change it to the Disabled status, it may affect the authentication of the actual outgoing mail.
DMRAC authentication
After you successfully complete your domain registration, you can add DMARC authentication. To add DMARC authentication, follow these steps:
Because DMARC authentication works on top of SPF and DKIM authentication, it is recommended that you have SPF and DKIM authentication in place in addition to DMARC authentication.
Visit your domain provider's website to register the DMARC signature value in the TXT record of your DNS.
- For the DMARC record name,
_dmarc
must be entered before the domain.
<example> _dmarc.domain.com - The values in the DMARC record are organized in the format shown below.
<example> v=DMARC1; p=none; aspf=r; adkim=r; rua=mailto:report@example.com
Each item is organized as follows:
Item Value and description Required v Version information DMARC1
Enter asRequired p Policy for mail that is not DMARC authenticated on the receiving server none
: receive mail without actionquarantine
: receive mail in the spam folderreject
: block receipt and process bounces
Required sp Policy for mail coming from subdomains none
: receive mail without actionquarantine
: receive mail in the spam folderreject
: block receipt and process bounces
Not required aspf Specify whether to match strings in mail information and SPF signatures s
: full matchesr
(Default): allow partial matches (allow subdomains)
Not required adkim Specify whether to match strings in mail information and DKIM signatures s
: full matchesr
(Default): allow partial matches (allow subdomains)
Not required rua Email address to receive DMARC processing reports for this domain
Entermailto:
before the email address
Multiple email addresses can be specified by using commas (,)Not required NoteFor more information about DMARC records, see RFC 7489 document.
- For the DMARC record name,
On the NAVER Cloud Platform console, click Services > Application Services > Cloud Outbound Mailer in order.
Click the Domain Management menu.
Select a domain to perform DMARC authentication from the domain list.
Under DMARC authentication, click the [Authenticate] button for DMARC.
- When authentication is successful, the authentication date will be displayed.
- If authentication fails, the DNS lookup and resolution failed, so check the TXT record of your DNS.
Test that it has been applied correctly by sending an email using the domain.
- In the From: field, type the domain that will be used when you send an email.
- After you send the email, open the email in your inbox to check the DMARC authentication information.
- NAVER Mail: click > Show original at the top of the email body and check the
Authentication-Results
header in the Show original pop-up window. - Gmail: click > Show original at the top of the email body screen and check the DMARC entry on the original email screen.
- For other email services, contact your provider for instructions on how to check DMARC.
- NAVER Mail: click > Show original at the top of the email body and check the
Share domain
You can share or unshare an authenticated domain to make it available or unavailable to other users. In domain sharing, a requester requests sharing, and the domain owner agrees to share.
Request domain share (domain share requester)
To request a domain share from a domain owner as a share requester, follow these steps:
- In the NAVER console, click Services > Application Services > Cloud Outbound Mailer in order.
- Click the Domain Management menu.
- Click the [View project key] button.
- When the View project key pop-up window appears, click the [Copy] button and forward the project key to the domain owner.
- The domain owner must register the project key to complete domain sharing.
- When domain sharing is completed, the shared domain is automatically added to the domain list.
The user with whom the domain is shared does not have permission to set up and enable or disable SPF/DKIM authentication for the domain. When the domain owner stops using SPF/DKIM, the users with whom the domain is shared will also have their authentication use discontinued.
Authorize domain sharing (domain owner)
To authorize domain sharing as the domain owner, follow these steps:
- In the NAVER console, click Services > Application Services > Cloud Outbound Mailer in order.
- Click the Domain Management menu.
- In the domain list, click the domain you want to share.
- In the Details section, in the project key field, enter the project key value you received from the domain sharing requester and click the [Add] button.
- The project key is added to the list and the domain sharing is complete.
- The domain is automatically added to the share requester's domain list.
Unshare domain
Only the domain owner can unshare a domain. To unshare a domain, follow these steps:
- In the NAVER console, click Services > Application Services > Cloud Outbound Mailer in order.
- Click the Domain Management menu.
- In the domain list, click the domain you want to unshare.
- In the Share domain list, locate the project key of the account you want to unshare and click the [Delete] button.
- The account that uses the project key can no longer use the domain.
Delete domain
To delete a registered domain, follow these steps:
- Deleting a domain may affect mail that is currently being sent.
- If you re-register a domain after deleting it, you must go through the authentication and security procedures again because the authentication token and SPF/DKIM signature value change, even if the domain is the same.
- In the NAVER console, click Services > Application Services > Cloud Outbound Mailer in order.
- Click the Domain Management menu.
- Select the domain you want to delete from the domain list and click the [Delete] button.
- When the Delete domain pop-up window appears, click the [Delete] button.