By default in PactSafe, every email sent from our system comes from notifications@pactsafe.com. While the from "name" will appear to be either the name of your business (your site) or the name of the person sending contracts for signature. The reason that emails come from pactsafe.com is to ensure that our emails get directly through to your customer's/signer's inbox. Our domain is verified with Domain Keys and an SPF record that ensures that the handoff between PactSafe and your signer's ISP is secure and verified (and not spam!).


You do have the option (with PactSafe's Enterprise Edition) to customize the domain of the emails being sent through our platform. There are a few requirements in order to verify your domain to send through PactSafe:

  1. Submit a ticket to begin the verification process.
  2. Verify ownership of your domain via email.
  3. Set up your DNS with DKIM and SPF records.

1. Submit a ticket

It's really easy to submit a ticket. You can submit it right in the app by clicking "Resources" in the bottom right-hand corner of your screen. We'll send you the verification email and also add your domain to our authenticated list of "verified" domains.


In your ticket, you should let us know:

  • Desired "from" email address for your Site(s) in your account — or you can update them yourself here
  • Who your DNS is managed through (AWS, GoDaddy, etc.)


2. Verify ownership of your domain via email

Once you submit a ticket, we'll send your email address an email with a link to confirm that you actually do own the domain you're trying to verify. This email will come from Mandrill (a subsidiary of MailChimp), who is our email provider for our platform's outbound emails.

Note: the domain of your email address must match the domain you're trying to verify. If you're a contractor or doing work on behalf of your client, someone with an email address matching the domain will have to verify the domain. Let us know if that doesn't make sense!

3. Set up your DNS with DKIM and SPF records

The final step in getting email going is for you to add (or update) 2 DNS records to support Mandrill and to secure the handshake between our system and your signer's ISP (Gmail, Yahoo, AOL, Exchange, etc.). ISPs like these records because it helps ensure the sender of email matches the actual DNS associated with your website. Makes things nice and tidy to ensure your emails sent from PactSafe pass successfully through your signer's spam filter.

These instructions are taken directly from Mandrill's support site located at https://mandrill.zendesk.com/hc/en-us/articles/205582277-How-do-I-add-DNS-records-for-my-sending-domains-:

To add the SPF and DKIM records for your sending domains, you'll need to add records of type TXT through your hosting provider, domain registrar, or DNS provider.


Note

You'll need to add SPF and DKIM records and verify ownership of your sending domains before you can send email through your account. Mandrill will not send any email from unverified domains or domains without valid SPF and DKIM records, including public domains like gmail.com, yahoo.com, and more.


A message that is rejected with the reject reason unsigned indicates that the sending domain hasn't been properly set up, and that your account is unable to send and authenticate email from that domain.


Learn more about SPF and DKIM and domain verification, or manage sending domains in your Mandrill account.


SPF Record

If you don't yet have an SPF record, add one for your domain. At a minimum, the value should be the following if you're only sending mail through Mandrill for that domain:


v=spf1 include:spf.mandrillapp.com ?all


If you already have a TXT record with SPF information, you'll need to add Mandrill's servers to that record by adding include:spf.mandrillapp.com in the record (before the last operator, which is usually ?all~all, or -all).


DKIM Record

Add a new TXT record with the name mandrill._domainkey.yourdomain.com (just replace yourdomain.com with the domain you're setting up). 

The value for the record should be one of the options listed below. There are two options because the record contains semicolons, and some DNS providers escape semicolons for you while others require you to do it when setting up the record.


With semicolons escaped:

v=DKIM1\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrLHiExVd55zd/IQ/J/mRwSRMAocV/hMB3jXwaHH36d9NaVynQFYV8NaWi69c1veUtRzGt7yAioXqLj7Z4TeEUoOLgrKsn8YnckGs9i3B3tVFB+Ch/4mPhXWiNfNdynHWBcPcbJ8kjEQ2U8y78dHZj1YeRXXVvWob2OaKynO8/lQIDAQAB\;


With semicolons unescaped:
v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrLHiExVd55zd/IQ/J/mRwSRMAocV/hMB3jXwaHH36d9NaVynQFYV8NaWi69c1veUtRzGt7yAioXqLj7Z4TeEUoOLgrKsn8YnckGs9i3B3tVFB+Ch/4mPhXWiNfNdynHWBcPcbJ8kjEQ2U8y78dHZj1YeRXXVvWob2OaKynO8/lQIDAQAB;

Voila! You should now be authenticated.

Great work! Now that your DNS is setup and you've verified your domain, all emails sent via PactSafe will come from your specified site name (or sender name) and your site's "reply" email address.