It’s easy to send messages in Intercom from your own email address. We recommend using your own domain to improve the personalization and deliverability of your emails.
By default, your temporary Intercom email address is set as your outbound email address. You can find this in Settings > Channels > Email:
Your default outbound email address will appear as your "from" address when your customers receive an email in their inbox.
Change your default address
If you’d like to use your own email address for your outbound emails, you can set this up in one of two ways:
Use the email address you signed up to Intercom with as your default address.
Set up a custom email address and map to the same inbound email address that customers contact you on (use this if you’re using a shared email address like support@examply.com, or if you’d also like to change the "reply to" and "return path" addresses).
You'll need access to your DNS settings to send email from your own address with either of these methods.
Option 1: Use the email address you signed up to Intercom with
You may want your emails to appear as though they’re coming from your company domain. If you signed up to Intercom using your company email address, you can easily set this up by changing your default outbound email address.
Select Use your domain and email address, found within Settings > Channels > Email👇
We’ll email you to verify your address shortly after you save this option. You must click to confirm and allow this email address to be used. You'll also need to verify your domain with a DKIM record. We explain how to do this below.
After verifying your domain, when you’re setting up an outbound email, your "from" address will be the address you used to sign up to Intercom.
This will also appear as the "from" address on your outbound emails in email clients.
You can’t change the "reply to" address in Intercom with this option.
To change these addresses, or to use a shared team email address like support@examply.com, you should add a custom email address. In Option 2 we'll show you how.
Option 2: Use a custom email address
If you’d like to send your emails using a different email address, like a shared email address, you can do this by adding it as a custom email address. This is useful if you’d like certain outbound emails to appear as coming from a team, or if you'd like to change how your name appears in email clients.
You must have the Can send outbound emails from custom addresses permission enabled to send emails from a custom address.
Go to the Settings > Channels > Email and, under Sender email addresses section, select Use your domain and email address.
Toggle the Map to inbound email address switch to ensure replies to inbound emails will send from the verified custom address the customer contacts you through. With this option, if a customer contacts you through support@examply.com, then your replies will also come from support@examply.com.
Next click on Add custom address, enter the display name and custom email address you want to use, and click Confirm.
If you're using a previously unverified email address, we’ll send you an email to confirm it, and you'll also need to verify your domain with a DKIM record. We explain how to do this below.
Once you verify your email and your domain, you’ll be able to choose this address when setting up an outbound email from Proactive Support, or creating a new email conversation from the Help Desk.
The last step is to choose the default address for group conversations, forwards and notification emails. Custom addresses are also available to select from the email editor.
How to change the "reply to" address in outbound emails
If you’re sending a once-off email to a small group VIP customers, for example, you might want to receive their replies directly in your email client. You can do this by changing the "reply to" address of your outbound email.
You can only change the "reply to" address if you use a custom email address as your "from" address.
First, choose a custom email address as your "from" address.
Then, you can change the "reply to" address to a custom email address.
Now, replies to your message will go to that email address only.
If you change the "reply to" address to a custom email address, replies won’t be captured in Intercom. If you want replies to go back to Intercom, use a default email address as your "reply to" address.
Verify your domain
When you're ready to send email in Intercom, we highly recommend using your own address. This means you must verify your domain so that email clients can be confident it was sent by us with your permission. Verifying your domain also removes emails being tagged with “via intercom-mail.com" in some email clients, such as Gmail or Outlook.
To achieve this, we use DKIM to sign the messages we send on your behalf. Email clients can verify these signatures against the DNS record you set up for your domain.
Together with DNS records for custom return paths and the DMARC record, we're able to fully align the domains in the email header to assure recipient mail servers that Intercom is authorized by you to send emails for your domain. A custom return path record allows the email you send from Intercom to be SPF aligned for DMARC.
Without setting up your domain, you and your customers will see an Unauthenticated warning, like this👇
Useful terminology
DomainKeys Identified Mail (DKIM) - allows an organization to take responsibility for transmitting a message, in a way that can be verified by a recipient. The responsible organization adds a digital signature to the message, associating it with a domain name of that organization.
Sender Policy Framework (SPF) - checks if the sender of an email is legitimate. By having an SPF record, Internet Service Providers can ensure that a mail server is authorized to send emails for a specific domain. This record is a DNS TXT record, indicating which IP addresses are allowed to send emails on behalf of your domain.
Domain-based Message Authentication, Reporting & Conformance (DMARC) - is a tool that makes sure emails are genuine. It works with SPF and DKIM to strengthen email security. It sets rules for handling email issues and gives feedback to improve protection against fake emails for a domain.
Set up DKIM, custom return path and DMARC
Visit the Domains page in email settings. This page contains the information you'll need to configure the DNS records for each of the domains you use as part of your sender addresses. It'll look like this 👇
Select the name of your domain provider to get tailored setup instructions. Click on Share instructions to get specific instructions you can share with your IT team.
Don’t worry if your provider isn’t in the list. We’ll show you how to copy the records in the next step.
Click Next to move to step 2: Copy your records. Here you can copy the names and values of the CNAME and TXT entries to update your external DNS configuration.
The first CNAME record is used to configure DKIM on emails you send from Intercom. This allows the email you send from Intercom to be DKIM aligned for DMARC.
The second CNAME record is used to configure the return-path address on emails you send from Intercom. This allows the email you send from Intercom to be SPF aligned for DMARC.
The TXT record is used to configure the DMARC policy on emails you send from your domain. This step is required by Google and Yahoo if you are sending more than 5,000 emails per day but we highly recommend it regardless of how much email you are currently sending as it’ll help your email reach your customers’ inboxes.
Your domain will show as unauthenticated until all three records - the two CNAME records and the TXT record - have been added to your DNS records and propagated by your DNS provider.
If two or more of your sender addresses use the same domain, you will only need to configure the DNS entries once for emails sent using any of these addresses.
Important: Many DNS providers (e.g. GoDaddy) require that only the name of your subdomain be added, rather than the full name as provided in the Copy your records section. For these providers, an example name of "intercom._domainkey.example.com" will need to be entered simply as "intercom._domainkey".
Your DNS provider's documentation should provide details on their requirements.
The final step is to click on Check status. If configured correctly your status will change for each DNS record will change to Authenticated and your domain will be fully validated.
If the DNS records are all correctly created, the records will each be marked as Authenticated. It may take up to 24 hours for the DNS records to propagate after you make the change however, depending on your provider.
Assign teammates to receive email deliverability notifications
Teammates can be notified if there are any email deliverability issues with this workspace in Settings > Channels > Email and under the Domain tab. The workspace creator and the billing admin will always be notified by default and can't be removed from being notified.
Teammates added to this list will be notified if email sending is paused, and your workspace is under review.
FAQs
What is the "From" address when a conversation starts in Messenger first, then goes to email?
We will use the default email address selected when enabling the option.
Where will email notifications come from?
Email notifications are sent from the default email address.
What happens when the conversation starts via chat and moves to email?
If the conversation starts through chat and we have the user’s email we will send them the usual email notification when the admin replies. The notification will come from the selected default address (ex. support@company.com).
If you select ‘You’ as the from address when sending an outbound message, then the address you signed up with will be the from/reply address, e.g. support.example@company.com. After the end user replies and you send another email, the initial sender will be the kept as the 'From'.
Do I need to enable SPF?
No, Intercom handles that for you. Emails sent from Intercom include a return-path header. When a recipient mail server receives one of our emails and checks the SPF record of the domain in our return-path, they will see that our sending IP addresses are authorized senders.
However, you should create a custom return path record so that we can align the return path on the emails you send via Intercom with your domain. See the instructions above for how to do that.
Can I enable DMARC for sending through Intercom?
Yes, you should. We very much encourage enabling DMARC and we will highlight domains as unauthenticated in the UI if DMARC is not enabled. A DMARC policy on your domain is one of the best mechanisms to combat email spoofing. It will tell recipient email servers how to handle emails which claim to come from your domain. If you believe there is a potential risk of spammers spoofing your domain, DMARC can help. From the 1st February 2024, it will be required by Google and Yahoo if you are sending more than 5,000 emails per day.
What do I need to do to enable DMARC?
DMARC checks that the domain in the "from" address of your emails matches the domain in your DKIM records or the domain in the return-path header. Once you've set up the CNAME records for Intercom, you're all set to create the DMARC record. The simplest possible DMARC record is a _dmarc TXT record containing “v=DMARC1; p=none”.
However, we encourage you to look into setting up DMARC reporting to a DMARC report analysis service as part of moving to a quarantine or reject policy. This will help protect your customers from spammers attempting to spoof your email address.
For domains with a DMARC policy and a valid DKIM and custom return path setup for Intercom, emails sent through our platform will pass DMARC without a problem.
Why do I need to enable DMARC?
From the 1st February 2024, Yahoo and Google require DMARC if you are sending more than 5,000 emails per day. Intercom recommends you do so regardless of how many emails you are sending however. See the instructions above for how to do so.
How can I update the address on my existing auto messages?
If you want your existing ongoing messages to send from your newly created custom email address, you’ll need to update them manually.
Why won't my DNS provider accept the provided CNAME?
While we provide a DNS standard CNAME record, some providers do not allow it.
Sometimes this is not allowed because of the '_' character. We require using a CNAME, because we may in future rotate our DKIM private keys. If we do this, having a CNAME record set up prevents disruption on your side.
Some providers will manually add the CNAME for you if you contact them, so that might be something to explore with your provider, if they don't accept the provided CNAME by default.
Can I send emails from a dedicated IP address?
No, at Intercom we use shared IPs with strict enforcement of thresholds and sending performance to ensure that our shared pools are healthy and incidents are kept rare.
We have found shared IPs to be low-risk and even beneficial for most senders when our Email Sending Guidelines are enforced. We actively take away sending rights from bad senders to reinforce this. If we find that one of our customers has poor sending performance and complaints of spam they will be shut down before they can cause global impact.
At Intercom we also use a variety of tools such as 250ok, MXToolbox, Microsoft SNDS, and Google Postmaster to monitor our sending reputation. We have our own in-house dashboards, monitoring, alarming and paging for any blacklisting events so we can stay on top of any bad actors.
Troubleshooting
If you're adding CNAME records in CloudFlare and they still show as unverified in Intercom, there are a couple of things to check:
Ensure CNAME flattening is disabled for the CNAME record (Cloud icon should be grey).
Set the CNAME record to "DNS only", not "Proxied".
Need more help? Get support from our Community Forum
Find answers and get help from Intercom Support and Community Experts