Many ISPs authenticate e-mail using DKIM certification. DKIM works by having a company sign an e-mail with their private key, and then publish a public key in their DNS, which is then used to verify the e-mail signature. The domain that is checked for the public key is based on a field in the DKIM signature header in your email. This field is the “d=” parameter of the signature.

By default, SendGrid signs all e-mail with DKIM to improve its deliverability. For shared accounts such as Free or Bronze plans, this signature uses the domain. For higher tier packages with whitelabeling setup a custom domain is used. In order for this custom domain to be correctly certified the appropriate public key MUST be present in the domain’s DNS records. For more info on how this record is added go here.


Name Required Description
Domain No Sets the sender domain.
Use From domain No Sets the DKIM domain to the sender domain

Settings may be changed through: