Custom Email Domain (DKIM) v1

The Custom Email Domain feature applies your domain as the sender (“From:” line) of emails sent by our (TableCheck’s) system using the DKIM (DomainKeys Identified Mail) standard. This encompasses all guest-facing emails sent by TableCheck, including booking confirmations, thank you mails, feedback surveys, and EDM marketing.

Target Audience

The Custom Email Domain feature is intended for enterprise customers who wish to have their brand domain applied to all emails. When using a Custom Email Domain, it is additionally possible to customize the look-and-feel of emails (including colors, images, wording, header/footer, etc.) within TableCheck’s system.

Alternative Solutions

If you require to send via your own emails messages with full control over the email content, please refer to the Messaging v1 API instead. This integration will be a significant effort on your end, including preparing email templates, etc. Therefore, it is generally preferred to use Custom Email Domain instead.

Technical Prerequisites

We use DKIM (DomainKeys Identified Mail) in order to authenticate and apply your domain name to TableCheck’s emails. As a prerequisite, you must be able control and configure DNS records according to TableCheck’s specifications for the domain(s) from which you wish to send emails. In particular, you must have:

• A domain name.

• The ability to set TXT and SPF records on the domain name.

• A desired sender identity, such as no-reply@subdomain.yourdomain.com.

• Ability to set DMARC (Domain-based Message Authentication, Reporting and Conformance) records to protect your domain from unauthorized use.

Lastly, note that Custom Email Domain does not use your SMTP server.

Technical Overview

Emails Sent by TableCheck

TableCheck sends various types of email to your guests including:

• Transactional Mails: Reservation booking and confirmation mails. These are required as part of the booking flow.

• Quasi-Transactional Mails: Optional follow-ups such as thank you mails and surveys. These are deemed “quasi-transactional” as they are related to the booking transaction, but strictly-speaking are unsolicited.

• Marketing Mails: Unsolicited emails sent as part of EDM marketing campaigns, e.g. inviting guests to book again.

For an exhaustive list of mail types, refer to the Messaging v1 documentation.

TableCheck provides various internal controls on when and to whom various mails can be sent. For questions regarding compliance with various privacy regulations (e.g. GDPR, CCPA, etc.) please contact support@tablecheck.com.

In addition, there are various types of mails sent to your internal staff, such as alerts and reports, which are generally out-of-scope for Custom Email Domain.

DKIM (DomainKeys Identified Mail)

DKIM (DomainKeys Identified Mail) is an email authentication method designed to protect against spoofed email sender addresses, which are common in phishing and email spam. With DKIM:

1. TableCheck applies your domain name to the emails it sends, and adds a digital signature.

2. The recipient’s email provider (e.g. Gmail) receives the signature, and checks it against your DKIM key record publicly visible on your domain.

3. Once the signature is verified, the recipient’s email provider delivers the email to the recipient with confidence that the email sender’s domain name is legitimate.

Note that the recipient does not see the DKIM signature, nor does the recipient see any indication that the email came from TableCheck’s mail server rather than your own.

DMARC (Domain-based Message Authentication, Reporting and Conformance)

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol designed to protect domain owners from unauthorized use. DMARC enhances the protection offered by the DKIM / SPF records set in the previous step and increases deliverability to email providers commonly used by diners.

Once DMARC is enabled, any receiving email server can authenticate incoming email against the rules. If the email passes authentication, it will be delivered. If the email fails DMARC authentication, the email could be delivered with a warning, quarantined or rejected entirely.

Implementation Workflow

Step 1. Determine Your Requirements

As a first step, please determine the email address(es) from which you wish to send. Please consider the following:

Separate Senders for Transactional vs. Marketing

If you intend to send both transactional and marketing (EDM) mails from your domain, please consider that marketing mails may negatively affect your domain’s spam score. Therefore, we strongly recommend setup separate domain names for each. For example:

• Transactional: booking@yourdomain.com

• Marketing: offers@yourdomain-offers.com

If this is not possible, please consider using a different subdomain, such as offers@offers.yourdomain.com

Reply Addresses

Please consider whether guests will be able to reply to your sender addresses. If you do not wish them to reply, please consider indicating in the email address no-reply@yourdomain.com, and also configure an auto-reply message. Note that TableCheck’s system lets you set the both sender labels as Reply-To email header with a separate address for each venue and/or EDM campaign.

As an example, large hotel customers may wish to configure one sender to be used globally, and set a separate reply address for each property or venue:

In this example:

• Only the email address no-reply@dining.hotel-name.com must be configured with DKIM.

• The labels Your Hotel, Your Venue Name, and the reply address venue-name@property-name.hotel-name.com are configured in TableCheck’s system and do not require any DKIM, etc. setup on your end (i.e. assuming that the reply address exists.)

Step 2. Contact TableCheck

Based on the above, please send an email to api@tablecheck.com with subject “<Your Company> Custom Email Domain Request” including the following information:

• The domain name to send from. For example, yourdomain.com.

• The proposed sender identity. For example, no-reply@yourdomain.com.

• The type(s) of email for this sender identity. For example: Transactional and promotional emails.

  • Transactional emails such as booking confirmations, thank you mails, and feedback surveys.

  • Promotional emails (EDM) such as holiday campaigns and special offers.

• The DNS provider the domain name is using. For example, AWS Route 53.

Step 3. Set the DMARC Record on your Domain

As explained above, DMARC is an email authentication protocol designed to protect your domain from unauthorized use. TableCheck requires that a DMARC record be set by the customer in order to protect against common attacks such as email spoofing, and increase deliverability to diner’s inboxes.

Depending on the your existing email setup, you may already have a DMARC record in-place. DMARC records are published as TXT records on the customer’s DNS provider with a subdomain label _dmarc, for example _dmarc.yourdomain.com.

As a minimum requirement, you must at least configure to receive a report of emails that do not pass authentication. Example:

We recommend to reject emails which do not pass authentication. Example:

Step 4. Set the required DKIM and SPF records on your Domain

Once TableCheck has provided the required records, please set the provided TXT (DKIM) and SPF records on the domain name's DNS provider. Please reply once you have set the records so that we can proceed with the next step.

Step 5. Testing and Go-Live

TableCheck will perform testing alongside the merchant to ensure your domain is properly sending emails. Once we have confirmed it is working as expected, we will mark the Custom Email Domain as live, and the merchant will be able to send emails to diners from their domain.