Advanced email customization

Last modified: April 20, 2020

Most of our implementations use our default setup, so you may not need to read this document.

TestFreaks with the default email service provider

TestFreaks will by default use Amazon SES as email service provider (ESP). If you want to use another ESP, such as Adobe Campaign, please contact your customer success manager for details and technical documentation.

From address

By default, TestFreaks will send emails using a From-address like this:

From: Your Company <noreply@testfreaksreviews.com>

If you want to customize the From-address to something like noreply@yourcompany.example or support@yourcompany.example, Amazon SES needs to verify the address.

Please set up the address you want to use so it can receive email, and then ask your TestFreaks contact to initiate the verification process. After the verification is done, you can disable receiving emails on that address, if you want. Some users will respond to the address so please make sure that they at least receive a helpful automatic response or bounce message.

Please note that you may need to make changes to your SPF domain records, see below.

Return-Path address

By default we’ll use a Return-Path to amazonses.com. If you click show details in GMail, it will say “mailed-by: amazonses.com”.

If you want to use your own domain there, you need to set up a sub domain, for example reviews.example.com, and point the MX record to Amazon. You should also set up SPF and DKIM.

Please ask your TestFreaks contact for help in setting this up.

SPF, DKIM and DMARC

SPF, DKIM and DMARC are standards for protecting email authenticity and protecting against spam and forged emails. TestFreaks will correctly use industry best practice when sending emails in the default settings, but if you want to customize any aspects of this, it’s important that you investigate whether you need to make any DNS-changes on your end or configuration changes in the TestFreaks platform.

Sender Policy Framework (SPF)

SPF is a DNS-based way of verifying what servers are allowed to send emails for your domain. SPF by itself focuses on the domain in the Return-Path address. The SPF policy is stored as a TXT record on that domain. Here’s how you can check yours:

$ dig +short TXT example.com | grep v=spf1
"v=spf1 include:spf.example.com include:somethingelse.com -all"

If you have this record, and especially if it includes -all (meaning to reject non-conforming emails), make sure you also have either include:testfreaksreviews.com if you use our default sender address, or just include:amazonses.com.

DomainKeys Identified Mail (DKIM)

DKIM is a cryptographic signature included in the email, as a DKIM-Signature header field, and it is verified using DNS.

To set this up with TestFreaks:

  1. Ask your TestFreaks contact to initiate DKIM setup, and specify the domain(s).
  2. TestFreaks will generate the domain keys you need to add to your DNS server. See the relevant Amazon SES documentation for more details.
  3. You will add these records, and again tell your TestFreaks contact.
  4. TestFreaks can start sending DKIM-compliant emails from your domain with DKIM-Signature header fields. You can verify these in test emails using for example GMail. Click show details on an email and check the mailed-by and signed-by fields. Signed-by should now include your domain.

You will have two valid DKIM-signatures with this setup, both yours and Amazon’s.

Domain-based Message Authentication, Reporting and Conformance (DMARC)

DMARC provides the ability for an organisation to publish a policy that specifies which mechanism (DKIM, SPF, or both) is employed when sending email from that domain; how to check the From: field presented to end users; how the receiver should deal with failures - and a reporting mechanism for actions performed under those policies.

So DMARC is focused on the From: address domain. DMARC requires that SPF and/or DKIM passes, but also requires that the domains used by either one of those two protocols align with the domain found in the From: address.

DMARC is stored as a TXT record on the _dmarc record under the domain used.

$ dig +short TXT _dmarc.example.com
"v=DMARC1; p=reject; pct=100; rua=mailto:dmarcmail@example.com"

If you have a DMARC record and the p tag (the policy) is set to reject or quarantine, it’s particularly important to set this up correctly, or the emails will not reach the recipient.

Two additional tags may be important, adkim and aspf indicate whether domain valided with DKIM or SPF respectively must be an exact match with the From: adress domain, or if it can be a subdomain. By default the value is r which is relaxed. That means we can set up a policy for a domain like reviews.example.com, and still send the email From: no-reply@example.com. If these tags are set to s for strict mode, that would not be possible.