What does this mean?
By default, Patient Messages are sent from Ocean using "no-reply@cognisantmd.com" as the "From" email address. However, you are able to change this to your own custom address if you own your own domain name, such as "no-reply@myclinic.com".
Using your own email address has the following benefits:
- The email is less likely to be routed to your patient's spam folder.
- It's more likely to capture your patient's attention.
- In the event that the patient's email address is incorrect, any email 'bounce back' messages can be returned to you instead of being lost.
To use this feature, you must use your own domain name and have the ability to modify your DNS records with your domain name registrar.
Specifically, you must add either an SPF TXT record or DKIM DNS records instructing email providers (like Google and Yahoo) to use Ocean’s domain key to verify email from your domain was sent by Ocean.
While Ocean will use your custom “From” email address when either SPF or DKIM are setup correctly, we recommend all the following DNS records be created for the best deliverability:
- SPF TXT record allowing Ocean to send email on your behalf.
- DKIM CNAME records using Ocean’s domain key.
- DMARC TXT record telling email providers like Google and Yahoo what they should do if an email message cannot be verified to be legitimate. (This can be the case if an email is sent by somebody pretending to be you).
How do I do it?
As this change requires technical expertise and owning your own domain name, it's not for everyone.
Warning: We strongly recommend consulting an IT professional to assist with DNS record modification, as mistakes can result in your emails being improperly flagged as spam, or issues with your website.
SPF
- Go to your DNS provider's website and check if you have an existing SPF TXT record. Existing SPF TXT records look something like this:
"v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.123 -all"
-
If you don't have an existing SPF TXT record, we recommend consulting an IT professional to create one.
SPF TXT record construction is outside the scope of this article but your domain registrar should have detailed instructions on how to create one.
All SPF records are of type "TXT". Once your SPF TXT record has been created, please refer to Step 3 below.
Note: Only TXT records in SPF format are supported. The SPF DNS record type may not be used.
- If you have an existing SPF TXT record, add the following after v=spf1and before -all:
include:_spf.cognisantmd.com
- The finished product in the example above would look something like this:
"v=spf1 include:_spf.cognisantmd.com ip4:192.0.2.0/24 ip4:198.51.100.123 -all"
or this:"v=spf1 include:_spf.cognisantmd.com -all"
- Save the new record and allow DNS changes time to propagate. (This may take an hour or even 1-2 days, depending on your DNS settings.)
Note: Only one of SPF or DKIM is required for Ocean to send email from your domain. We do however strongly recommend you setup both (as well as DMARC) for the best email deliverability.
DKIM
- Go to your DNS provider's website.
- Create a CNAME record with the following values:
- Record Name: oceanmd1._domainkey.your_domain
- Record Value: oceanmd1._domainkey.cognisantmd.com
- Save the new record and allow DNS changes time to propagate. (This may take an hour or even 1-2 days, depending on your DNS settings).
- Create a second CNAME record with the following values:
- Record Name: oceanmd2._domainkey.your_domain
- Record Value: oceanmd2._domainkey.cognisantmd.com
- Save the new record and allow DNS changes time to propagate. (This may take an hour or even 1-2 days, depending on your DNS settings).
Note: Only one of SPF or DKIM is required for Ocean to send email from your domain. We do however strongly recommend you setup both (as well as DMARC) for the best email deliverability.
DMARC
- Go to your DNS provider's website.
- Search for a record named: _dmarc
- If you have an existing DMARC record already set up, you do not need to change it. You can skip the rest of these DMARC steps.
- If you do not have an existing DMARC record set up, we recommend creating one.
- Create a TXT record with the following values:
- Record Name: _dmarc.your_domain
- Record Value: v=DMARC1; p=none
- Save the new record and allow DNS changes time to propagate. (This may take an hour or even 1-2 days, depending on your DNS settings).
Note: This is a minimal DMARC policy record. Configuring it further is outside the scope of this article. Please consult with an IT professional for assistance.
Send Test Email
It's a good idea to send some test emails using your usual email client to ensure they aren't flagged as spam
You can verify your SPF and / or DKIM configuration by inspecting the full, unformatted email body. In GMail, you can view this by clicking the three dot icon in the top right and selecting "Show original". The summary should show a section with SPF PASS, DKIM PASS, or both.
Tips
- The macOS terminal command "dig yourdomainname txt" will confirm whether the SPF record is saving as expected. It should eventually display your SPF record once propagated. Note, however, that there may still be other delays before email providers recognize this change.
- The macOS terminal command “dig oceanmd1._domainkey.your_domain cname” will confirm whether your new DKIM record has been saved as expected. It should eventually display your DKIM record once propagated. Note, however, that there may still be other delays before the email providers recognize this change.
- Verify the second DKIM record with the macOS terminal comment “dig oceanmd2._domainkey.your_domain cname”.
Enable Your Custom "From" Email Address in Ocean
Once you have your DNS records configured properly, login to the Ocean Portal, click 'Menu' in the top left corner, select 'Admin', and then select 'Site Account'.
Enter your email address in the 'Email 'From' Address' field.
How Ocean Validates Your DNS Records
Upon entering your custom email address in the 'Email 'From' Address' field, Ocean will validate that your DNS records allow us to send email on your behalf:
- If a green status icon appears, it means that SPF and DKIM are valid and supported by a DMARC record. This is the recommended configuration.
-
If Ocean finds your DNS records to be valid (i.e., a yellow or green status icon appears), an email will be automatically sent to the OceanMD Support team for manual approval.
Until it is approved by the OceanMD Support team, the configuration is not complete.
If your DNS records cannot be validated (i.e., a red icon appears) , or the OceanMD Support team does not approve your custom address, Ocean will not send using your custom address. In this situation, please review your DNS configuration to ensure that it is correct and/or contact the OceanMD Support team to follow up on your approval.
Once successfully configured and approved, Ocean will continue to automatically validate your custom "from" address periodically to ensure that SPF, DKIM (SPF or DKIM must always be configured correctly) and DMARC (not required but recommended) DNS records still allow us to send email on your behalf when present.
If validation fails, Ocean will revert to using Ocean's default "no-reply" email address automatically, so no action is required on your part.
If you ever change the custom email address, the OceanMD Support team will need to re-approve the new address.