We're reclaiming inactive PDIs to keep them available for active builders. Learn what's changing, who's affected, and how to protect your work. Read More

Best Practice for Custom Sender Email Domain in ServiceNow (External SMTP vs. DNS Authentication)

Shiny-Syslabo
Tera Expert

Hi geniuses, I need your help!

 

We are currently working on a ServiceNow App Engine implementation and looking into changing the sender email address for outgoing emails.

Instead of the default @Service-Now.com, we want to use our client's custom domain.

 

We are considering the following two patterns and would love to hear your thoughts on which is the best practice, along with any real-world case studies or lessons learned.


Pattern A: Routing through the client's SMTP server

  • Approach: Disable the default ServiceNow SMTP server and route all outgoing emails through the client's own mail server.

Pattern B: Modifying the "From" address and updating the client's DNS

  • Approach: Keep using the default ServiceNow SMTP server, but change the "From" and "Reply-to" headers to the client's custom domain.

  • DNS Updates: To prevent spoofing/spam flags, we planned to add ServiceNow’s SPF record to the client’s DNS.

  • Current Test Result for Pattern B: We tested changing the "From" address. The emails are delivered, but they trigger a warning in the recipient's inbox saying "Sender could not be verified" (or showing "via service-now.com").

  • (Note: We are not network/DNS experts, but we understand we need to make further DNS adjustments to resolve this warning.)


Our Questions:

  1. Do you have any experience or case studies implementing Pattern A or Pattern B in your past projects?

  2. Which approach is generally recommended as the best practice?

  3. For Pattern B, what specific DNS configurations (SPF, DKIM, DMARC, etc.) are required to completely get rid of the "Sender could not be verified" warning?

Any advice, pros/cons, or gotchas you could share would be highly appreciated!

Thank you in advance!

0 REPLIES 0