It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Domain Authorization

  • Last updated on

The primary domain for your organization is automatically authorized. If you want to create campaigns with other domains, before you can begin creating campaigns, you must authorize each of your additional domains. You perform this authorization by adding an innocuous text record to your domain to prove to the Barracuda system that you own the domain. This is a security measure to ensure that you, in fact, have the authority to send emails to the domains you specify. The domain list is generated automatically based on the domains associated with each of the users you uploaded to your Address Books. You can also add the domains manually to authorize them in advance.

 

The primary domain for your organization is automatically authorized as part of the Security Awareness Training setup process. You do not need to authorize your primary domain. If you want to create campaigns using other domains you own, you must authorize each of the additional domains. 

To authorize your domains:

  1. Navigate to Campaigns > Domain Authorization.
  2. Click New.
  3. Enter the Domain Name you want to authorize.
  4. Click Save.
  5. When the page refreshes, locate and copy the TXT Record Content for the domain.
  6. Add this TXT record to your domain through your DNS (Domain Name Server) provider, using the format BPL=XXXXXXX. You can obtain instructions on how to add a TXT record to your domain from your DNS provider.
    See important information about timing below. 

Organizational email address books often contain emails from associated entities, like consultants, contractors, and partners. These entities should not be receiving campaign emails, unless you are authorized to do so.

You can choose to ignore one or more domains if you do not intend to use them in your campaigns. On the Domain Authorization page, select the Ignore Domain check box.

Timing of Domain Authorization

It is best to perform the complete domain authorization process described above at one time, adding the TXT record to your domain soon after you add the domain to Barracuda. The sooner you add the TXT record to your domain, the sooner Security Awareness Training will authorize your domain. 

Barracuda checks new domains for TXT records on scheduled intervals, as shown in this table:

Time Since Domain AddedHow Often Domain is Checked
< 24 hours agoevery 15 minutes
24-48 hours agoevery 30 minutes
40-96 hours agoevery 60 minutes
>96 hours agoevery 4 hours
Campaign Schedules and Test Emails

You cannot schedule unauthorized email addresses in any campaigns. If a user attempts to send a test email to an unauthorized domain, the email will not be sent until you authorize the domain.

Identifying Unauthorized Domains

Unauthorized domains are listed under Campaign > Domain Authorization. You can filter by Validated to list only the unauthorized domains. In addition, Security Awareness Training displays warnings in the following locations:

  • Dashboard: If there are any unauthorized email addresses in any of your Address Books.
  • Address Book: If there are any unauthorized email addresses.
  • Campaign: If there are any unauthorized email addresses in the Address Books associated with the campaign.

If you see a warning message about unauthorized domains, click the warning message to manage the domains.

Organizational email address books often contain emails from associated entities, like consultants, contractors, and partners. These associated entities are often from unauthorized domains. Do not send campaign emails to these entities, unless you have prior authorization.