Sender Domain Setup

DKIM/SPF/DMARC wizard and per-subaccount Postmark Message Streams for high-deliverability sender identity.

Levy Fleets Team | May 18, 2026 | 10 min read

Engage can send from one of three domains:

  1. The Levy default - *.levyride.com. Works out of the box, no setup.
  2. A custom subdomain - rides.yourbrand.com. Requires DNS setup. Recommended for serious senders.
  3. Your apex domain - yourbrand.com. Possible but rarely the right choice (more on this below).

This guide walks through setting up option 2.

Navigation

Access sender domains from Engage > Settings > Sender Domains.

Why a Custom Domain Matters

If you send from the Levy default, riders see "yourbrand@levyride.com" as the sender. That's fine, but:

  • Brand recognition is weaker - riders won't recognize the sending domain.
  • Reputation is shared - if another operator on levyride.com does something dumb, your deliverability gets a small ding.
  • You can't set your own DMARC policy - the Levy default has a reasonable policy, but you can't tighten it.

A custom sender subdomain gives you isolated reputation and full control.

Why a Subdomain, Not the Apex

The reason almost every reputable sender uses rides.yourbrand.com instead of yourbrand.com:

  • Your apex sends transactional mail you might not realize it sends. Receipts, password resets, support replies - if any of those are misconfigured, your marketing sends share the bad reputation.
  • A dedicated subdomain isolates marketing reputation entirely from your corporate or transactional mail.
  • DMARC policy can be stricter on a marketing subdomain without breaking your operations mail.

We recommend rides.yourbrand.com, mail.yourbrand.com, or similar.

The Setup Wizard

Engage has a DKIM/SPF/DMARC setup wizard that walks you through every step. Open it from Engage > Settings > Sender Domains > Add Domain.

Step 1 - Enter Your Domain

Enter the subdomain you want to send from (e.g., rides.yourbrand.com). Click Provision.

Behind the scenes, Engage:

  1. Provisions a Postmark Sender Signature for the domain.
  2. Generates the required DKIM keys.
  3. Creates an engage_sender_domains row scoped to your subaccount.
  4. Allocates a per-subaccount Postmark Message Stream (see below).

Step 2 - Add the DNS Records

The wizard now shows three TXT records to add at your DNS registrar:

Type:  TXT
Host:  rides
Value: v=spf1 include:spf.mtasv.net ~all

Type:  TXT
Host:  20250501._domainkey.rides
Value: k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB[...]

Type:  TXT
Host:  _dmarc.rides
Value: v=DMARC1; p=quarantine; rua=mailto:dmarc@yourbrand.com; pct=100

The exact Value strings come from Postmark - the wizard copies them for you. Paste each into your registrar (Cloudflare, GoDaddy, Namecheap, Route 53, etc.).

Step 3 - Verify DNS

Click Verify DNS. Engage:

  1. Calls Postmark to verify DKIM.
  2. Does a fresh DNS lookup of the SPF TXT to confirm it includes spf.mtasv.net.
  3. Does a fresh DNS lookup of the _dmarc TXT to confirm the DMARC policy parses.
  4. Marks the domain status as verified if all three pass.

Most registrars propagate in 5-30 minutes. Cloudflare is usually instant. If your registrar is slow, come back in an hour and click Verify DNS again.

Step 4 - Set as Default

In Engage > Settings > Sender Domains, mark the verified domain as Default. Every future send uses it.

You can keep multiple sender domains and pick per campaign in the composer. Most operators don't need that, but it's there.

Per-Subaccount Postmark Message Streams

Postmark separates outbound mail into Message Streams, which let you isolate reputation between traffic types. Engage allocates one Message Stream per subaccount, called engage-{subaccount_id}.

What you get from this:

  • Reputation isolation. A spam complaint on operator A's stream does not affect operator B.
  • Stream-level metrics in Postmark - opens, clicks, bounces, complaints scoped to your subaccount only.
  • Pause / suspend at the stream level if a single operator goes off the rails, instead of pausing all of Engage.

The dispatcher reads the stream ID off engage_sender_domains.postmark_stream_id when it dispatches.

If engage_sender_domains has no row for your subaccount (because you're using the Levy default), the dispatcher falls back to a shared broadcast stream. That works fine for low-volume operators but doesn't give you reputation isolation - which is why we recommend setting up your own domain.

Reading the DNS Records

If you've never seen DKIM/SPF/DMARC before, here's the 30-second tour:

SPF (Sender Policy Framework)

v=spf1 include:spf.mtasv.net ~all

Translation: "Mail from rides.yourbrand.com is allowed from any server that Postmark (spf.mtasv.net) allows. Everything else, treat as suspicious (~all is soft fail)."

DKIM (DomainKeys Identified Mail)

k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A...

Translation: "Here's the public key for this domain. If a message claims to be from us, it should have a DKIM signature that verifies against this key."

The 20250501._domainkey prefix is the selector - a name that lets you rotate keys without breaking old signatures.

DMARC (Domain-based Message Authentication, Reporting and Conformance)

v=DMARC1; p=quarantine; rua=mailto:dmarc@yourbrand.com; pct=100

Translation: "If a message claims to be from rides.yourbrand.com but fails SPF or DKIM, put it in spam (quarantine). Send aggregate reports to dmarc@yourbrand.com. Apply this to 100% of failing mail."

The wizard ships with p=quarantine by default. After a few weeks of clean sending, you can tighten to p=reject, which means "drop failing mail outright."

Reputation Monitoring

The sender-domain detail page shows:

  • Spam complaint rate (target < 0.05%, alert at > 0.1%)
  • Hard bounce rate (target < 1%, alert at > 2%)
  • Reputation score as reported by Postmark
  • Recent DMARC reports (incoming, parsed)

If complaint rate spikes, Engage automatically pauses your subaccount's stream and notifies support. This is a deliberate circuit-breaker to protect the platform.

Warm-Up

Brand new sender domains need to "warm up" - establish a positive reputation by sending small, high-quality volumes before scaling up.

Engage doesn't enforce an automated warm-up schedule, but the rule of thumb:

  • Week 1: Send to your most engaged segment only. Stay under 1,000 sends/day.
  • Week 2: Add your next-most-engaged segment. Stay under 5,000 sends/day.
  • Week 3: Add broader segments. Stay under 20,000 sends/day.
  • Week 4+: Scale freely.

If you blast 100,000 emails on day one from a cold domain, mailbox providers will assume you're a spammer and bin everything.

Troubleshooting

"Verify DNS" keeps failing

  • Wait 30 minutes after adding records. Some registrars are slow.
  • Use dig TXT 20250501._domainkey.rides.yourbrand.com from the command line to confirm the record is live.
  • Check for typos in the record value - DKIM keys are very long and easy to truncate during paste.
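
A local pre-check for the three records, run over the TXT strings that dig returns, before clicking Verify DNS again. This is an added example, not Engage's or Postmark's code: the function names are hypothetical and the sample key is a constructed placeholder. It catches a DKIM key cut short during paste by comparing the length declared in the key's DER header with the bytes actually present.

```python
import base64, binascii

def parse_tags(txt):
    """Split a 'k=v; k=v' TXT value (DKIM/DMARC syntax) into a dict."""
    pairs = (p.split("=", 1) for p in txt.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def check_spf(records, required="include:spf.mtasv.net"):
    """records: every TXT string published at the sending host."""
    spf = [r.lower().split() for r in records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:  # none, or several (receivers treat that as a permanent error)
        return [f"expected exactly one v=spf1 record, found {len(spf)}"]
    return [] if required in spf[0] else [f"missing {required}"]

def check_dkim(txt):
    """Catch a p= value cut short during paste via the DER length header."""
    key = "".join(parse_tags(txt).get("p", "").split())
    try:
        der = base64.b64decode(key, validate=True)
    except binascii.Error:
        return ["p= is not valid base64"]
    if len(der) < 4 or der[0] != 0x30:
        return ["p= is not a DER SEQUENCE"]
    n = der[1] & 0x7F if der[1] & 0x80 else 0   # count of long-form length octets
    declared = int.from_bytes(der[2:2 + n], "big") if n else der[1]
    total = 2 + n + declared
    return [] if total == len(der) else [f"key truncated: expected {total} bytes, got {len(der)}"]

def check_dmarc(txt):
    tags, problems = parse_tags(txt), []
    if not txt.strip().lower().startswith("v=dmarc1"):
        problems.append("record must begin with v=DMARC1")
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        problems.append(f"invalid p={policy!r}")
    elif policy == "none":
        problems.append("p=none is not enforced")
    pct = tags.get("pct", "100")  # pct defaults to 100 when absent
    if not pct.isdigit() or int(pct) > 100:
        problems.append(f"invalid pct={pct!r}")
    return problems

# Constructed sample: a placeholder DER blob with a 2048-bit key's length, not a real key.
SAMPLE_KEY = base64.b64encode(b"\x30\x82\x01\x22" + bytes(290)).decode()
SAMPLE_DKIM = f"k=rsa; p={SAMPLE_KEY}"

if __name__ == "__main__":
    print(check_dkim(SAMPLE_DKIM), check_dkim(SAMPLE_DKIM[:-40]))
```

An empty list means the record passed that check. The DKIM check confirms the value is complete, not that it matches the key Postmark generated.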

Postmark reports the domain as "verified" but emails go to spam

  • Confirm DMARC is quarantine or reject, not none. p=none means "don't enforce" - many recipients still bin you.
  • Check the rendered email's From: header matches the verified domain exactly.
  • Confirm your subject line and body don't look like classic spam (all caps, lots of dollar signs, "FREE!!! CLICK HERE!!!").

I want to send from the apex (yourbrand.com)

Possible but discouraged. Contact support - we'll walk you through the additional checks and warn you about the operational mail risk.


Need Help?

For sender domain help, contact support@levyelectric.com.