search
No-code docs

Sending Domains

A sending domain is a domain that is used to indicate who an email is from via the "From:" header. DNS records can be configured for a sending domain, which allows recipient mail servers to authenticate your messages.

For maximum deliverability, we recommend configuring DKIM for your sending domains and configuring a bounce domain on corresponding subdomains. This is an easy way to help mailbox providers authenticate and differentiate your email from other senders using Bird.

hashtag
Regional Endpoints

Please use the appropriate API endpoint based on your workspace region:

  • EU workspaces: https://email.eu-west-1.api.bird.com

  • US workspaces: https://email.us-west-2.api.bird.com

hashtag
DNS notes

DKIM

These requirements are only important to note if you are generating your own DKIM values.

  • Both PKCS #1 and PKCS #8 formats are supported.

  • We do not support password-protected keys.

  • The DKIM public/private key pair must match a single format as the API will reject mismatching pairs.

  • Public key verification requires the following:

    • A valid DKIM record must be in the DNS for the sending domain being verified.

    • The record must use the sending domain's public key in the p= tag.

    • If a k= tag is defined, it must be set to rsa.

    • If an h= tag is defined, it must be set to sha256.

CNAME

CNAME verification requires a valid CNAME record in DNS pointed at the appropriate Bird domain.

For workspaces located in the US:

Hostname
Type
Value

example.com

CNAME

sparkpostmail‍.com

For workspaces located in the EU:

Hostname
Type
Value

example.com

CNAME

eu.sparkpostmail‍.com

For Enterprise accounts:

Hostname
Type
Value

example.‍com

CNAME

<public_tenant_id>.mail.e.sparkpost‍.com

MX

MX verification is only available to Enterprise accounts. Please contact your TAM if you want to verify your domain with MX.

hashtag
Using a sending domain as a bounce domain

Bounce domains are used to report bounces – emails that were rejected from the recipient server. By setting the bounce domain, you're customizing the address that is used for the Return-Path header, which is the destination for out of band (OOB) bounces.

A sending domain can be used as a bounce domain if it is verified via the following the methods:

  • CNAME record

  • MX records (Enterprise only).

Once it is verified through one of those two methods, you can use it as a bounce domain by including it as a transmission's return_path field or SMTP's MAIL FROM email address. For additional details on custom bounce domains, please see this support articlearrow-up-right.

hashtag
List all Sending Domains

get
/workspaces/{workspaceId}/reach/sending-domains

Returns an array with all the sending domains in your account. Use the query parameters to filter on the various status options.

Authorizations
AuthorizationstringRequired

API key for authentication. Format: AccessKey <token> or Bearer <token>.

Path parameters
workspaceIdstring · uuidRequired

The ID of the workspace

Query parameters
ownership_verifiedbooleanOptional

Ownership verified filter

dkim_statusstring · enumOptional

DKIM status filter

Possible values:
cname_statusstring · enumOptional

CNAME status filter

Possible values:
mx_statusstring · enumOptional

MX status filter

Possible values:
abuse_at_statusstring · enumOptional

abuse@ status filter

Possible values:
postmaster_at_statusstring · enumOptional

postmaster@ status filter

Possible values:
compliance_statusstring · enumOptional

Compliance status filter

Possible values:
is_default_bounce_domainbooleanOptional

Is default bounce domain filter

Responses
get
/workspaces/{workspaceId}/reach/sending-domains
200

Successfully retrieved sending domains

hashtag
Create a Sending Domain

post
/workspaces/{workspaceId}/reach/sending-domains

Creates a new sending domain. Each domain and its subdomains can only be added to a single account.

Note: When adding a sending domain to your account, the domain must be verified within two weeks or it will be removed from your account.

Authorizations
AuthorizationstringRequired

API key for authentication. Format: AccessKey <token> or Bearer <token>.

Path parameters
workspaceIdstring · uuidRequired

The ID of the workspace

Body
domainstringRequired

The domain you are sending from.

Example: example1.com
tracking_domainstringOptional

Associated tracking domain. The tracking domain and sending domain must belong to the same subaccount.

Example: click.example1.com
generate_dkimbooleanOptional

Whether to generate a DKIM keypair on creation.

Default: true
dkim_key_lengthnumberOptional

Size, in bits, of the DKIM private key to be generated. This option only applies if generate_dkim is true.

Default: 1024
shared_with_subaccountsbooleanOptional

Whether this domain can be used by subaccounts. Only available to domains belonging to a primary account.

Default: false
Responses
post
/workspaces/{workspaceId}/reach/sending-domains

hashtag
Retrieve a Sending Domain

get
/workspaces/{workspaceId}/reach/sending-domains/{domain}

Returns the full sending domain object, except the domain field.

Authorizations
AuthorizationstringRequired

API key for authentication. Format: AccessKey <token> or Bearer <token>.

Path parameters
workspaceIdstring · uuidRequired

The ID of the workspace

domainstringRequired

The sending domain name

Example: example1.com
Responses
get
/workspaces/{workspaceId}/reach/sending-domains/{domain}
200

Successfully retrieved sending domain

hashtag
Update a Sending Domain

put
/workspaces/{workspaceId}/reach/sending-domains/{domain}

Updates an existing sending domain.

Authorizations
AuthorizationstringRequired

API key for authentication. Format: AccessKey <token> or Bearer <token>.

Path parameters
workspaceIdstring · uuidRequired

The ID of the workspace

domainstringRequired

The sending domain name

Example: example1.com
Body
tracking_domainstringOptional

Associated tracking domain. To remove the current value, set it to an empty string.

shared_with_subaccountsbooleanOptional

Whether this domain can be used by subaccounts. Only available to domains belonging to a primary account.

is_default_bounce_domainbooleanOptional

Whether this domain should be used as the bounce domain when no other valid bounce domain has been specified.

Responses
put
/workspaces/{workspaceId}/reach/sending-domains/{domain}

hashtag
Delete a Sending Domain

delete
/workspaces/{workspaceId}/reach/sending-domains/{domain}

Warning: Before deleting a sending domain please ensure you are no longer using it. After deleting a sending domain, any new transmissions that use it will result in a rejection. This includes any transmissions that are in progress, scheduled for the future, or use a stored template referencing the sending domain.

Authorizations
AuthorizationstringRequired

API key for authentication. Format: AccessKey <token> or Bearer <token>.

Path parameters
workspaceIdstring · uuidRequired

The ID of the workspace

domainstringRequired

The sending domain name

Example: example1.com
Responses
delete
/workspaces/{workspaceId}/reach/sending-domains/{domain}
No content

hashtag
Verify a Sending Domain

post
/workspaces/{workspaceId}/reach/sending-domains/{domain}/verify

Verify a sending domain through various methods including DNS verification (DKIM/CNAME) or email verification.

hashtag
Verify via DNS

To verify your DKIM or CNAME, include dkim_verify or cname_verify in the request. Bird will check against and verify the associated DNS record type for the specified sending domain.

hashtag
Verify via mailbox

If you can't update your DNS records for a sending domain, you can verify your domain through a mailbox you control. Bird will send an email with a verification link to the specified mailbox.

Authorizations
AuthorizationstringRequired

API key for authentication. Format: AccessKey <token> or Bearer <token>.

Path parameters
workspaceIdstring · uuidRequired

The ID of the workspace

domainstringRequired

The sending domain name

Example: example1.com
Body
dkim_verifybooleanOptional

Request verification of DKIM record.

cname_verifybooleanOptional

Request verification of CNAME record.

verification_mailbox_verifybooleanOptional

Request an email with a verification link to be sent to a mailbox on the sending domain.

verification_mailboxstringOptional

The nominated mailbox email address local part to be used when requesting email with a verification link be sent.

postmaster_at_verifybooleanOptional

Request an email with a verification link to be sent to the sending domain's postmaster@ mailbox.

abuse_at_verifybooleanOptional

Request an email with a verification link to be sent to the sending domain's abuse@ mailbox.

verification_mailbox_tokenstringOptional

A token retrieved from the verification link contained in the verification email.

postmaster_at_tokenstringOptional

A token retrieved from the verification link contained in the postmaster@ verification email.

abuse_at_tokenstringOptional

A token retrieved from the verification link contained in the abuse@ verification email.

Responses
post
/workspaces/{workspaceId}/reach/sending-domains/{domain}/verify
200

Successfully processed verification request

Last updated

Was this helpful?