Set up custom domain email alias with mailbox.org

How to add a custom domain email alias, including SPF, DMARC and DKIM to an existing mailbox.org email account. Simple step-by-step instruction to use your own domain with mailbox.org.

This instruction is specifically written for mailbox.org [1] and explains in a step by step instruction how to set up e-mail addresses of your domain [2] for use with mailbox.org.

Edit DNS of your domain name

Go to your DNS provider, where the DNS records of the domain name (e.g. example.com) for the email address (e.g. email@example.com) you would like to set up with mailbox.org.

In most cases, the DNS provider is the one, where you registered your domain name.

Add mailbox.org security key to your domain name's DNS

In your mailbox.org account, usually at https://office.mailbox.org/appsuite/ click on the cog wheel next to your user's avatar, to open the settings. From the menu, select "mailbox.org". Then click on "E-mail Aliases" and then scroll down to "Add external address".

There you can enter the email alias - email@example.com for your externally registered domain name, example.com.

Mailbox.org will generate a security key, a Domain Name System (DNS) record, which you have to add to your domain name's DNS. For example:

Domain name: 6acb2ba518998t894bbf11ec7724781ca6e5b210.example.com.
Record type: TXT
Value: 7ec7ec16a1d19c191613cbf741496d133f6e0014

Make sure to use the code generated by Mailbox.org for your email address. Do not copy and paste the example information above!

Add Mail Exchange (MX) records to your domain name's DNS

Associate the Mailbox.org mailservers with your domain name by adding the following 3 mail exchanger (MX) records to your domain name's DNS:

Domain name: example.com.
Record type: MX
Priority: 10
Value: mxext1.mailbox.org.
Domain name: example.com.
Record type: MX
Priority: 10
Value: mxextr2.mailbox.org.
Domain name: example.com.
Record type: MX
Priority: 20
Value: mxext3.mailbox.org.

These are the official Mailbox.org mail servers, you can copy and paste this example.

Note: Some DNS providers abbreviate your domain name to @. So, if the domain name field is prefilled with @ you can leave this unchanged.

Add SPF records to your domain name's DNS

Domain name: example.com.
Time to live (TTL): 3600
Record type: TXT
Value: v=spf1 include:mailbox.org

Note: Some DNS providers abbreviate your domain name to @. So, if the domain name field is prefilled with @ you can leave this unchanged.

Check if the news DNS records have been propagated

To check if everything is in place, you can open the console and use GNU dig to check the DNS configuation of your domain name.

$ dig example.com txt

You should see the example.com. 3600 IN TXT v=spf1 include:mailbox.org entry.

It may take a while, between a few minutes to 72 hours, for the DNS information to propagate worldwide.

DNS propagation is the time DNS changes take to be updated across the internet on the globe.

Go back to your mailbox.org account, where you added the external email address to generate the Mailbox.org security code.

Under "Add external address", enter the email alias - email@example.com - once again.

If Mailbox.org can also access the newly added DNS information, adding your new external email address will be successful. You should see a green box, stating "Your external alias was added successfully."

Add DKIM record to your domain name's DNS

Add a DomainKeys Identified Mail (DKIM) record with the following information to your domain names DNS records:

Domain name: MBO0001._domainkey.example.com
Record type: TXT
Time to live (TTL): 3600
Value: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2K4PavXoNY8eGK2u61LIQlOHS8f5sWsCK5b+HMOfo0M+aNHwfqlVdzi/IwmYnuDKuXYuCllrgnxZ4fG4yVaux58v9grVsFHdzdjPlAQfp5rkiETYpCMZwgsmdseJ4CoZaosPHLjPumFE/Ua2WAQQljnunsM9TONM9L6KxrO9t5IISD1XtJb0bq1lVI/e72k3mnPd/q77qzhTDmwN4TSNJZN8sxzUJx9HNSMRRoEIHSDLTIJUK+Up8IeCx0B7CiOzG5w/cHyZ3AM5V8lkqBaTDK46AwTkTVGJf59QxUZArG3FEH5vy9HzDmy0tGG+053/x4RqkhqMg5/ClDm+lpZqWwIDAQAB

DKIM is an email authentication method designed to detect forged sender addresses in email (email spoofing), a technique often used in phishing and email spam.

This is the official Mailbox.org DKIM key, you can copy and paste this example.

Add DMARC DNS record to your domain name's DNS

Add a Domain-based Message Authentication, Reporting, and Conformance (DMARC) [4] record to your domain names DNS. DMARC is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing.

Add two additional Email aliases, hostmaster@example.com and postmaster@example.com. Aliases for postmaster@, abuse@, hostmaster@ and webmaster@ are not counted towards to total allowed aliases. They are free with Mailbox.org.

Domain name: _dmarc.example.com
Record type: TXT
Time to live (TTL): 400
Value: v=DMARC1;p=none;rua=mailto:postmaster@example.com;ruf=mailto:hostmaster@example.com

Do not copy and paste this example, make sure to put the email addresses you have created for rua and ruf.

Done

That's it, you can now use the Mailbox.org web client to send and receive emails as example.com.

To be able to use your new Email alias, with your favorite email client, you need to add it there, too. Manuals can be found in the Mailbox.org documentation [3].

Abbreviations

TTL
Time to live - a mechanism which limits the lifespan or lifetime of data in a computer or network.
DNS
Domain Name System - a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet.
DKIM
DomainKeys Identified Mail - an email security standard designed to make sure messages aren't altered in transit between the sending and recipient servers.
SPF
Sender Policy Framework - an email authentication method designed to detect forging sender addresses during the delivery of the email.
DMARC
Domain-based Message Authentication, Reporting, and Conformance - a standard email authentication method to prevent domain spoofing.

References

  1. Mailbox.org
  2. Mailbox.org documentation - Using e-mail addresses of your domain
  3. Mailbox.org documentation - Configuring email
  4. DMARC