Trusted Third-Party Senders
Prevent false spoofing alerts when third-party services send mail on behalf of your domain without proper authentication.
Written By Matt Sywulak
Last updated 4 months ago
When to use: Only needed if third-party services aren't properly configured with SPF/DKIM/DMARC for your domain. If they are authenticated, INKY automatically honors it—no configuration required.
Admin Center > Analysis > Trusted Third-Party Senders
Configure Domain Mapping
Map your domains to the third-party services authorized to send on their behalf.
Format: yourdomain.com: thirdparty1.com, thirdparty2.com;
Example: company.com: mailchimp.com, salesforce.com; marketing.company.com: sendgrid.net;
Multiple domains: Separate with semicolons. Multiple third parties per domain: separate with commas.
Treatment Options
Internal - Third-party messages treated as internal mail (no external sender warnings)
Known External - Third-party messages get blue "Known External" banner
Recommendation: Use "Known External" for transparency. Users see these are legitimate but technically external senders.
Common Third-Party Services
Marketing platforms (Mailchimp, Constant Contact, SendGrid)
CRM systems (Salesforce, HubSpot)
Support ticketing (Zendesk, Freshdesk)
Notification services (Twilio, AWS SES)
Add the sending domain these services use, not your domain that appears in the From field.
Before using this feature: Check if the third-party service supports SPF/DKIM/DMARC authentication for your domain. Properly authenticated mail doesn't need this configuration—INKY will automatically recognize it as legitimate.