White labeling DNS records for your customers: Tips and tricks

White labeling and white label solutions are common in just about any market, from emails to grocery stores, and it's easy to see why. Read more...



Many of our customers run large-scale digital marketing applications on top of Mailgun for their own customers. For example, Vero and Userfox are email service providers that built their awesome digital marketing automation apps on top of Mailgun — we’re their white label partner. Their customers might not even know that their private label is built on top of Mailgun, and that is fine for us! 

White label products and solutions are common in just about any market, from emails to grocery stores, and it’s easy to see why. Having another company provide a robust infrastructure and back-end to build on allows you to focus more on your company’s brand, products, and business, rather than building a complex solution in-house. It’s exactly like when a store brand uses the same generic product produced by a generic brand, just under their own label. Plus, it’s cost-effective to use a white label service, and everyone loves saving money.

We want our customers to control the relationship with their own customers via their brand name, not ours.

That means providing a variety of white label solutions to better utilize our services under their own branding. In doing this, when a customer searches for something related to their own product in a search engine, companies like Vero and Userfox pop up as a result, and not Mailgun. Which brings us to today’s tip.

White labeling SPF records

SPF stands for Sender Policy Framework. It is a method to prevent sender address spoofing by verifying sender IP addresses. Basically, when a sender adds an SPF text record to their domain (say,, they are authorizing an email service provider, like Mailgun, to send emails from Non-authorized IPs will not be permitted to send from Without this record in place, receiving ESPs like Gmail and Yahoo are more likely to flag the email as spam.

An SPF for Mailgun record looks like this

v=spf1 ~all

Notice that the record includes Some application providers don’t want to expose to their own customers that they are using Mailgun via this SPF record. And they don’t have to thanks to SPF record chaining.

An example of SPF record chaining

Imagine you’ve built the world’s most awesome CRM system — — and you allow your customers to email their contacts directly through your system. You want them to be able to white label their own emails so that they use their own domain instead of for sending. Easy. You can just create a custom domain for them in your Mailgun account and provide your own customer an SPF string that includes instead of At the same time, you will set up your own SPF record that points to, it’s like a chain.

Assuming your customer owns

  • TXT record for v=spf1 ~all

  • TXT record for v=spf1 ~all

And there you have the end product! The transitive property means that your customer’s SPF record points to Mailgun, even though they think it is only pointing to you.


Happy emailing,

The Mailgunners

Sign Up

It's easy to get started. And it's free.

See what you can accomplish with the world’s best email delivery platform.

Related readings

Same API, new tricks: Get event notifications just in time with webhooks

So, we had a few thoughts while working on this update to the API - and maybe you’ve had them, too: Webhooks are great! Everyone should use them. Pulling sending data directly...

Read more

How to effectively use webhook for email delivery

At Mailgun, we’re all for automation and improving how you design and deliver your email program. So, if data is the new gold, what does this mean for your email workflow if you...

Read more

Your guide to using webhooks

You already know that email isn’t a send-and-forget thing. When you’re sending a message, you want to know how to track it and respond to any issues, right? After all...

Read more

Popular posts

Email inbox.

Build Laravel 10 email authentication with Mailgun and Digital Ocean

When it was first released, Laravel version 5.7 added a new capability to verify user’s emails. If you’ve ever run php artisan make:auth within a Laravel app you’ll know the...

Read more

Mailgun statistics.

Sending email using the Mailgun PHP API

It’s been a while since the Mailgun PHP SDK came around, and we’ve seen lots of changes: new functionalities, new integrations built on top, new API endpoints…yet the core of PHP...

Read more

Statistics on deliverability.

Here’s everything you need to know about DNS blocklists

The word “blocklist” can almost seem like something out of a movie – a little dramatic, silly, and a little unreal. Unfortunately, in the real world, blocklists are definitely something you...

Read more

Mailgun iconSee what you can accomplish with the world's best email delivery platform. It's easy to get started.Let's get sending
CTA icon Mailgun Icon