As you approach the upcoming ceremony season, it’s crucial to address a significant change in email policies that could impact your email communications to graduates from the Tassel Hub. Google, Yahoo, and Microsoft have strict email policies aimed at combating spam and spoofing.
It mandates the authentication of every domain using SPF, DKIM protocols, directly affecting how emails from Tassel reach your student body. If your domain isn’t fully verified, this could significantly hinder your email deliverability ahead of commencement.
To avoid any communication disruptions, please follow our step-by-step domain verification guide below.
Email Domain Verification Guide
To ensure important commencement emails sent from the Tassel Hub reach your graduates, your domain must be authenticated with both SPF and DKIM records.
This is mandatory for all schools using the platform.
Required DNS Records
All records below use your sending domain. For example, if sending from grads@university.edu, the domain is university.edu.
If you would like to use a subdomain specifically for Tassel to use for sending, such as tassel.university.edu, all DNS records below should use that subdomain instead, and your sending address would be something like grad@tassel.university.edu.
Step 1: SPF Record (Required)
Add include:_spf.elasticemail.com to your existing SPF record.
If no SPF record exists, create one:
- Type: TXT
- Host: @ (or your subdomain)
- Value: v=spf1 include:_spf.elasticemail.com ~all
Step 2: DKIM Record (Required)
- Type: TXT
- Host: api._domainkey.<your_domain>
- E.g. api._domainkey.university.edu
- E.g. api._domainkey.tassel.university.edu
- Value: k=rsa;t=s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbmGbQMzYeMvxwtNQoXN0waGYaciuKx8mtMh5czguT4EZlJXuCt6V+l56mmt3t68FEX5JJ0q4ijG71BGoFRkl87uJi7LrQt1ZZmZCvrEII0YO4mp8sDLXC8g1aUAoi8TJgxq2MJqCaMyj5kAm3Fdy2tzftPCV/lbdiJqmBnWKjtwIDAQAB
Step 3: Notify Tassel
Notify Tassel of the sending domain so that it may be added and verified in the system.
Send the domain university.edu to your CSM for verification. Your CSM will let you know if verification was successful on our end.
Please note that once an SPF/DKIM record has been updated, it may take up to 48 hours for the settings to propagate and properly verify.
SPF Record Full?
Use a subdomain (e.g., commencement.university.edu) and configure forwarding to your primary inbox.
SPF Macros
If your existing SPF record contains variable syntax like this:
v=spf1 include:%{ir}.%{v}.%{d}.__spf.university.edu ~all
This is an SPF macro. Using an SPF Macro to complete the above DNS record changes is currently not recommended.
Domains using SPF macros require manual verification, which can take up to 2 business days. Contact your Customer Success Manager to begin this process.
If you are unable to add SPF/DKIM Records, please reach out to your Customer Success Manager for assistance.
Why This Matters
In February 2024, major email providers including Google, Yahoo, and Microsoft began enforcing stricter authentication standards for incoming mail. These requirements are now industry standard.
To ensure graduates receive important emails from your institution—such as ceremony registration, announcements, and event details—the DNS records above must be configured. Without proper authentication, emails may be blocked or sent to spam folders.
Updating DNS Records by Provider
- Sign in to your Domain Portfolio
- Select your domain
- Click DNS > Add New Record
- Select TXT as the record type
- Enter the Host and Value, then Save
- Log in and select your domain
- Go to DNS > Records
- Click Add Record
- Select TXT, enter the Name and Content, then Save
- Sign in to the Microsoft 365 admin center or Azure portal
- Navigate to Settings > Domains or your DNS zone
- Add a new TXT record with the appropriate host and value
- Open the Route 53 console
- Select your hosted zone
- Click Create Record
- Choose TXT as the record type, enter values, and Save
- Open the Cloud DNS console
- Select your managed zone
- Click Add Record Set
- Select TXT, enter the DNS name and value, then Save
- Log in and go to Domain List
- Click Manage next to your domain
- Select Advanced DNS
- Click Add New Record, select TXT, and enter values