What is White-Labeling?

To simplify the process of sending email through the SocketLabs platform we use our own domain(s) in a few important places behind the scenes. White-labeling your email is a process that masks the SocketLabs platform and related domains used in the delivery process. This allows messages to reference only your own domain. These features can be very useful for customers who want to ensure that their email is branded to appear to originate directly from their own systems. White-labeling also allows a company to entirely isolate its sender reputation and possibly improve message delivery results. SocketLabs highly recommends all customers set-up the optional white-labeling features.

The white-label set-up process involves the configuration of multiple DNS entries with your domain’s DNS provider. These entries are then verified in the corresponding SocketLabs Control Panel configuration pages. By following this guide, you will be able to white-label our service for the messages processing through your SocketLabs server.

What is a CNAME?

A custom host name or CNAME record is a DNS entry specifying that one domain name is an alias of another domain, which is referred to as the “canonical” name. This is an essential component of white-labeling email because it allows for the display of your organization's own domain name, while the actual infrastructure behind the entry is the SocketLabs platform.

What is a TXT record?

A TXT record is a DNS entry that provides text information about a domain that is human-or machine-readable. TXT records often store information for authentication at a domain. For example, Google Analytics requires that in order to use its service, site ownership must be verified through a TXT record containing a unique code that it supplies. Each time Google Analytics is accessed, it will look through the domain records and verify that a matching code is provided in a TXT record. In terms of email, TXT records can be used for DKIM and SPF authentication.

Getting Configured

Custom Bounce Domain

The first and most important feature to establish when white-labeling your email messages is a Custom Bounce Domain. When we process a message on your behalf, in order to capture failures and bounces, we supply a bounce address, or return path address, that has been customized for that specific message. This is called a Variable Envelope Return Path (VERP). By default the domain portion of this address is a SocketLabs domain, this feature allows you to customize this and use your organization’s own domain instead. Enabling the Custom Bounce Domain feature allows you to achieve DMARC aligned SPF authentication. Please see our Custom Bounce Domains guide for more information.


As noted above, the Custom Bounce Domain feature automatically authenticates your mail with aligned SPF. We still recommend updating (or creating) an SPF record at your organizational domain to ensure your mail is fully authenticated to send email through our platform. More information on SPF can be found here.


The next step in white-labeling your email is the configuration of DKIM signing. This can be found for your server by navigating to the Configuration dropdown menu bar, then selecting DKIM Signing from the options. On this page you will find a choice of two DKIM signing options: Custom and Advanced Signing.

Custom DKIM signing is a more simple method of achieve aligned DKIM authentication. It is designed for SocketLabs customers that only send on behalf of a single domain and want the easiest set-up process. In this signing method SocketLabs remains in control of both public and private DKIM keys, allowing you to authenticate your mail with DKIM without having to manage keys.

The Advanced Signing option is designed for SocketLabs customers that need to DKIM sign mail on behalf of multiple domains, have strict security requirements, or simply better understand DNS, and email authentication.

Custom and Advanced DKIM signing features are only applied to messages in which DKIM Signing has been established for the domain of the Purported Responsible Address. For most senders this means the domain of the From address visible to recipients must match the Domain on file for Custom and Advanced DKIM signing.

Custom DKIM Signing

Custom DKIM Signing involves creating a very specific CNAME record that points to dkim._domainkey.email-od.com. Once the CNAME entry has been configured, enter only your domain in the DKIM Settings page, with Custom Signing selected. Please see our article specific to Custom DKIM Signing for specific configuration instructions.

Advanced DKIM Signing

The basic concept with Advanced DKIM Signing is that you must first generate a unique public private key pair. The public key will get placed in the DNS of the signing domain. The private key and selector get configured in the SocketLabs Control Panel. For the full configuration instructions and guide, please see our article specific to Advanced DKIM Signing

Engagement Tracking

The final white-labeling feature that SocketLabs offers is Engagement Tracking. This allows customers to monitoring which recipients are opening and clicking on their messages. It also enables using the built-in SocketLabs unsubscribe feature.

Engagement Tracking requires a DNS CNAME pointing to tracking.socketlabs.com. This can be the same CNAME record that you already created for Custom Bounce Domain. To turn on Engagement Tracking, you can navigate to the Engagement Tracking settings page in the Control Panel. This can be found for your server by selecting Configuration from the dropdown menu bar, then selecting Engagement Tracking from the menu.

Configuring Engagement Tracking is recommended as part of the white-labeling process, but it is not required to send mail. Please see our Engagement Tracking for more information.

Updated 18 days ago

What is White-Labeling?

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.