Email-Sending Domain Verification Requirements
Salesforce is introducing a new requirement starting in Spring ’26. You must verify that you own the email domains you send from Salesforce, or your emails may be limited or stopped.
What is changing?
Salesforce is tightening email security rules so that all emails sent from Salesforce must come from a “verified” domain that you control. This is similar to what major email providers (like Google and Microsoft) are doing to fight spam and phishing.
What “verified domain” means
- A verified domain is an email domain (for example, yourcompany.edu) that has passed security checks in Salesforce, usually via DNS records such as DKIM.
- If your org sends from addresses like admissions@yourcollege.edu, that domain (yourcollege.edu) must be verified in Salesforce.
What happens if you do nothing
- Over time, emails from unverified domains will be restricted or may not be sent at all from Salesforce.
- Even before full blocking, deliverability can drop messages might land in spam or be rejected by recipients.
Who is Affected
- Salesforce admins and IT/email teams need to set up and verify sending domains in Salesforce (often by adding DNS records).
- Users (admissions, marketing, student services, etc.) should confirm that the “From” addresses they use are on verified domains that their admin has set up.
High-level steps
- Identify which email addresses and domains you send from Salesforce (for example, campaigns, notifications, cases).
- Your Salesforce administrator must verify those domains in Salesforce using the new Spring ’26 email domain verification requirement.
For additional information on the change, see the Salesforce Help & Training article Spring ’26 Email-Sending Domain Verification Requirement.
For information on Verifying Email Domains After a Refresh, see Verifying Email Domains After Sandbox Refresh.