Custom Email Domains
Add and verify your own sending domain through Yaplet's guided, self-checking setup — to send branded emails and unlock newsletter campaigns.
Why Use a Custom Domain?
With a custom domain, your emails come from your own address (like [email protected]) instead of a shared @yaplet.io address. This matters for three key reasons:
Brand Trust
Customers recognize and trust emails from your own domain. A @yaplet.io address may look unfamiliar and get ignored.
Better Deliverability
Custom domains build their own sending reputation, so your emails are far more likely to reach inboxes instead of spam folders.
Newsletter Access
Newsletter campaigns require a verified custom domain. This is not optional — Yaplet enforces it to protect deliverability for all users.
@yaplet.io email address. When you try to create a newsletter campaign, Yaplet checks for a verified custom domain email. If none exists, the campaign cannot be created and you'll be prompted to add a custom domain first.How Setup Works
Custom-domain setup has three parts: add the domain in Yaplet, add the DNS records it generates at your domain registrar, and let Yaplet verify them. The difference from a typical DNS setup is that the page checks your work for you — it polls your DNS automatically and shows a live status next to every record, so you're never guessing whether something propagated.
Plan for 15–30 minutes of hands-on work, plus anywhere from a few minutes to 48 hours for DNS to propagate (usually well under an hour).
Add Your Domain
Open the Domains tab
Go to Settings → Emailing → Domains and click Add domain.
Enter your domain
Type your domain — for example yourcompany.com (just the domain, no https:// or www.). Use a subdomain like mail.yourcompany.com only if you specifically want to send from a subdomain.
Click Add
Yaplet generates your DNS records, requests an SSL certificate for link tracking, and opens the Setup tab with your domain selected. You'll see the message "Domain added — configure the DNS records to verify it."
The Guided Setup Page
The Setup tab walks you through the records and checks them for you. A few things to know about how it behaves:
- It re-checks your DNS automatically every 20 seconds, and again whenever you return to the tab. There's no "I'm done" button to press — just add the records and the page catches up on its own. A Re-check status button forces an immediate check.
- Each record shows a live status so you know exactly what's left.
- Stuck? The Ask AI for help button hands your current setup state to Yaplet's AI assistant, which reads your live DNS and tells you precisely which records are still missing and where to add them.
Sending status
At the top, a single badge tells you where the domain stands overall:
| Badge | What it means |
|---|---|
| DNS records needed | The required authentication records aren't in your DNS yet. Add them. |
| Verifying — almost there | Your records are detected; AWS is verifying the domain — usually 5–60 minutes (occasionally longer). |
| Verified for sending | Done. You can send from this domain. |
Records, grouped by what they do
Instead of one flat table, records are organized into three sections, each with its own status badge:
CNAMEs, an SPF TXT, a DMARC TXT, and the MAIL FROM MX + TXT. DKIM is what actually verifies the domain for sending. Add all of these.MX record. Add it only if you want incoming email for your domain (like customer replies) to land in your Yaplet inbox. Skip it if you only need to send — for example, newsletters. Don't add it if your domain already runs on Google Workspace or Microsoft 365, or it will reroute your existing mail.CNAME (and, if your domain blocks it, a CAA record). This lets Amazon issue a certificate so your tracking links can be branded. It works in parallel with sending, so you can add it at the same time.Per-record live status
Every record row has copy buttons for the Host and Value, the record type, a short note on what it's for, and a live status:
| Status | Meaning |
|---|---|
| Found in DNS | Yaplet queried your DNS and the value matches. |
| A different value is set — check it | A record exists at that name but the value doesn't match — re-check it for a typo. |
| Not detected yet — add it or wait for propagation | Nothing found yet. Add the record, or wait for it to propagate. |
Yaplet also detects your DNS provider from your nameservers and tailors the host hints — for example, telling Namecheap and GoDaddy users to enter only the host part (link, _dmarc, @) since those providers append the domain automatically.
CNAME (the DKIM records and the link-tracking record) to DNS only — the grey cloud, not the orange one. A proxied CNAME makes Cloudflare answer with its own addresses, so DKIM and SSL validation fail.Conflict pre-flight
When you open the page, Yaplet scans for two common conflicts and warns you before they cause trouble:
- Existing mail records — if your domain already has
MXrecords, adding the (optional) inboundMXwill reroute your existing mail to Yaplet. The warning lists what's already there so you can decide whether to skip it. - Existing SPF record — you can only have one
v=spf1record. If you already have one, Yaplet tells you to mergeinclude:amazonses.cominto it rather than adding a second.
Export all records at once
Rather than copying each record by hand, click Export records at the top of the Setup tab to download every DNS record for this domain as a single zone file, then import it in one step at your DNS provider — for example in Cloudflare under DNS → Records → Import and Export. When the import finishes, come back and press Re-check status.
- Format — choose Cloudflare (tuned so the DKIM and link-tracking
CNAMEs are pre-set to "DNS only", the grey cloud) or Standard BIND (the portable format any BIND-based host accepts). - Include inbound email (MX) — off by default. Turn it on only if you want incoming mail for the domain to land in your Yaplet inbox; it reroutes the whole domain's mail.
- Existing SPF — if your domain already has an SPF record, the file leaves Yaplet's line commented out so the import can't create a second one. Merge
include:amazonses.cominto your existing record by hand afterward.
Branded link tracking
Link tracking rewrites the links in your emails through a tracking subdomain (link.yourcompany.com) so Yaplet can measure clicks. It lives in its own card with a switch:
- The switch is locked until your SSL certificate is issued (add the Secure-links records first). Until then it reads "Available once your SSL certificate is issued."
- Once the certificate is issued, the
link.CNAMEappears. You can flip the switch on before that record propagates — tracking simply stays pending and activates automatically once the record resolves. Until then your links are sent untouched, so nothing breaks. - Turning it off reverts to plain, untracked links.
DNS records reference
All values are generated per domain and shown in your dashboard — always copy from there. This table is for reference; the Setup page is the source of truth.
| Group | Type | Name (host) | Value | Priority |
|---|---|---|---|---|
| Sending | CNAME | {token}._domainkey.yourcompany.com (×3) | {token}.dkim.amazonses.com | — |
| Sending | TXT | yourcompany.com | v=spf1 include:amazonses.com ~all | — |
| Sending | TXT | _dmarc.yourcompany.com | v=DMARC1; p=none | — |
| Sending | MX | mail.yourcompany.com | feedback-smtp.eu-central-1.amazonses.com | 10 |
| Sending | TXT | mail.yourcompany.com | v=spf1 include:amazonses.com ~all | — |
| Receiving | MX | yourcompany.com | inbound-smtp.eu-central-1.amazonaws.com | 10 |
| Secure links | CNAME | (ACM validation — shown in dashboard) | (shown in dashboard) | — |
| Secure links | CNAME | link.yourcompany.com (after cert issued) | (CloudFront target — shown in dashboard) | — |
v=spf1 include:_spf.google.com ~all, change it to v=spf1 include:_spf.google.com include:amazonses.com ~all — don't add a second SPF record.CAA records
CAA records control which certificate authorities may issue SSL certificates for your domain. If your domain already has a CAA record and it doesn't include Amazon, AWS can't issue the certificate for your link. subdomain.
Yaplet detects this automatically. If a CAA record is blocking issuance, you'll see a "CAA record blocks certificate issuance" alert and Yaplet adds the exact record you need to the Secure-links section:
| Type | Name | Value |
|---|---|---|
| CAA | yourcompany.com | 0 issue "amazon.com" |
If your domain has no CAA record at all, you don't need one — CAA only restricts issuance when it's present, and it only affects link tracking, not sending.
Verifying your domain
You don't run a manual "Verify" step anymore. After you add the records, Yaplet checks DNS for you (automatically every 20 seconds, and on demand via Re-check status). Once your DKIM records are detected, AWS verifies the domain — usually within 5–60 minutes — and the status flips to Verified for sending. You can close the page and come back; it re-checks when you return.
Adding Email Addresses
Once your domain is verified, create sending addresses on it from the Emails tab:
Click "Add email"
Enter the email prefix
Type the part before the @ — for example newsletter creates [email protected]. Prefixes must be 3–30 characters, lowercase letters, numbers, dots, hyphens, or underscores, and start and end with a letter or number. Some prefixes are reserved (such as no-reply, postmaster, abuse, and admin).
Select a widget
Choose which widget this address is linked to. Incoming emails to it route to that widget's inbox.
Click "Add"
The address is ready immediately — for inbox conversations and, for newsletter campaigns, as a sender option.
Incoming Emails and Threading
If you added the optional Receiving record, custom-domain addresses behave just like yaplet.io addresses for inbound mail: incoming emails create chats in the inbox (assigned to the linked widget), threading is automatic via a unique Reply-To, and email-source chats auto-send agent messages as email with an "Email" badge.
Deliverability
Once you're sending, Yaplet manages your domain's sending reputation automatically — ramping volume up per email provider when bounce and complaint rates stay healthy, and pulling back when they don't. The Deliverability tab on each domain shows a per-provider health score so you can see exactly how you're landing.
Email Deliverability
Read the bounce/complaint health bands, the per-provider breakdown, and what to do if a provider goes "at risk".
Send Logs
To see send statistics for the last 7 days, open the domain's actions menu (the ⋯ button next to the domain selector) and choose View send logs. The logs break volume down by type — Campaign, Workflow, and Other (inbox replies, notifications, and transactional mail) — so you can monitor what's going out.
Managing Domains
Switch domains using the dropdown at the top of the Domains tab — each domain has its own setup, deliverability, and addresses.
Delete a domain from the actions menu. This is permanent and removes all of its email addresses; any in-flight or scheduled mail from it will fail. Make sure no active campaigns or workflows depend on its addresses first.
Want a dedicated IP?
By default all Yaplet mail goes out from a shared, pre-warmed IP pool — the right choice for almost everyone. High-volume senders who want a sending reputation entirely their own can enable a dedicated IP for the domain.