Here is an example of the Specify domain toggle under the Email Sources page. This toggle is hidden by default, and only shows when you go ahead and Edit an Asset of yours.
Example:
Let's say that your top level domain eg. example.com
is used by a marketing service such as Vuture. Vuture uses this top level domain as the From
header of emails, but requires a subdomain of your domain to be used as the Return-Path
header of emails (this is the header that SPF is based on).
So, under example.com, after you have added Vuture as an Asset, you can turn the toggle on under SPF and specify the subdomain eg. vx.example.com
, and populate the SPF mechanism that you have created under the subdomain. The "specify domain" essentially tells OnDMARC where to go and check for your SPF mechanism. Without it, we would not know that it exists under a subdomain, because by default we always check the domain specified at the top of the Email Sources page ie. the domain that you are into on the page.
The same logic applies to DKIM as well, if your DKIM key exists in a subdomain that is different to the domain specified in the Emails Sources page, you can use the "Specify domain" toggle and enter it.
The example below shows that the DKIM selector entered should be found in the specified domain.