How to validate your domain names in order to test the email addresses that depend on them ?
To ensure the legitimacy of your phishing simulations, you must prove that you have administrative rights over the domain names of the email addresses you want to test.
To do this, you simply need to follow a simple validation procedure that requires you to add a TXT field to the DNS zone of your domain, as outlined step-by-step below.
Here's a summary of the steps:
Prerequisites
Step 1: Go to the domain name validation menu
Step 2: Add the domain name
Step 3: Modify the DNS fields to authenticate your domain
Step 4: Validate the authorization process
Step 5: Verify the DNS modification
Step 6: Deploy a test on the email addresses associated with the domain
To validate your domain names, you need access to the Arsen platform and the ability to edit the DNS zone of the domain(s) you want to validate.
In addition, you must have followed the authorization procedure for the emails associated with your infrastructure.
The complete procedure is available here: How to authorize Arsen phishing simulations on your mail servers?
The domain validation menu can be accessed from the Account > Domains menu.
Click on Add New Domain to add the domain name you want to test.
In the side panel that opens, enter your domain name, then click on Add Domain.
The platform now provides you with a TXT field to add to your DNS zone to verify your administrative rights over the domain.
Copy the TXT value and add it to the root of your domain in your DNS zone.
The procedure for adding TXT fields may vary depending on your DNS service:
Managing DNS records in CloudFlare
Editing a DNS zone at OVH
Modifying a DNS zone at Gandi
To ensure the proper deliverability of our simulation emails and the correct configuration of your systems, we ask you to validate the authorization operations.
If you have not completed this configuration step, you can access it here.
Once the TXT record is added and the authorization process is applied, simply click on Verify Domain to have the platform check the domain name.
There are three possibilities :
###The domain is validated
Congratulations! Your domain name is validated, and you can start testing your users.
Click on Go Back to return to the platform and start using it.
It is possible that you made a typo while copying the DNS value. We recommend that you copy/paste the value into the DNS record.
It is also possible that you have selected the wrong DNS selector: the platform looks for the TXT record at the root, not for a subdomain.
It is possible that the verification is not immediate due to the time it takes for your new DNS record to spread—the DNS propagation.
In this case, check the "TTL" value of the DNS record, which will determine, in seconds, the time it takes before the next verification.
Many DNS service providers have a default TTL of 300 seconds, so it is common to retry 5 minutes later.
Now that your domain is validated, you can add collaborators who have an email address on this domain.
Yes, many of our customers have multiple domain names.
You can repeat the steps above for all domain names that you control.
Validated domain names are displayed in the Account > Domains menu.
In all cases, if you were able to launch a campaign on email addresses, then their domain name is validated.
When no domain is validated, the platform notifies you with a red banner.
To do this, you simply need to follow a simple validation procedure that requires you to add a TXT field to the DNS zone of your domain, as outlined step-by-step below.
Here's a summary of the steps:
Summary
Prerequisites
Step 1: Go to the domain name validation menu
Step 2: Add the domain name
Step 3: Modify the DNS fields to authenticate your domain
Step 4: Validate the authorization process
Step 5: Verify the DNS modification
Step 6: Deploy a test on the email addresses associated with the domain
Prerequisites
To validate your domain names, you need access to the Arsen platform and the ability to edit the DNS zone of the domain(s) you want to validate.
In addition, you must have followed the authorization procedure for the emails associated with your infrastructure.
The complete procedure is available here: How to authorize Arsen phishing simulations on your mail servers?
Step 1: Go to the domain name validation menu.
The domain validation menu can be accessed from the Account > Domains menu.
Step 2: Add the domain name.
Click on Add New Domain to add the domain name you want to test.
In the side panel that opens, enter your domain name, then click on Add Domain.
Step 3: Modify the DNS fields to authenticate your domain.
The platform now provides you with a TXT field to add to your DNS zone to verify your administrative rights over the domain.
Copy the TXT value and add it to the root of your domain in your DNS zone.
The procedure for adding TXT fields may vary depending on your DNS service:
Managing DNS records in CloudFlare
Editing a DNS zone at OVH
Modifying a DNS zone at Gandi
Step 4: Validate the authorization process.
To ensure the proper deliverability of our simulation emails and the correct configuration of your systems, we ask you to validate the authorization operations.
If you have not completed this configuration step, you can access it here.
Step 5: Verify the DNS modification
Once the TXT record is added and the authorization process is applied, simply click on Verify Domain to have the platform check the domain name.
There are three possibilities :
###The domain is validated
Congratulations! Your domain name is validated, and you can start testing your users.
Click on Go Back to return to the platform and start using it.
The domain is not validated because the value of the record does not match
It is possible that you made a typo while copying the DNS value. We recommend that you copy/paste the value into the DNS record.
It is also possible that you have selected the wrong DNS selector: the platform looks for the TXT record at the root, not for a subdomain.
The domain is not validated because the new value of the record is not taken into account
It is possible that the verification is not immediate due to the time it takes for your new DNS record to spread—the DNS propagation.
In this case, check the "TTL" value of the DNS record, which will determine, in seconds, the time it takes before the next verification.
Many DNS service providers have a default TTL of 300 seconds, so it is common to retry 5 minutes later.
Step 6: Deploy a test on the addresses of this domain
Now that your domain is validated, you can add collaborators who have an email address on this domain.
Can I add other domains?
Yes, many of our customers have multiple domain names.
You can repeat the steps above for all domain names that you control.
How can I tell if my domain names are validated?
Validated domain names are displayed in the Account > Domains menu.
In all cases, if you were able to launch a campaign on email addresses, then their domain name is validated.
When no domain is validated, the platform notifies you with a red banner.
Updated on: 23/10/2023
Thank you!