Permissions: Site Admin

Product tier: Available to all subscription tiers

Tip: Check out our quick start guide for a condensed version of this information.

Messages sent through Greenhouse Recruiting may seem like they're coming from your normal email address, but they're actually sent on behalf of one of our third-party mail servers.

Since spammers have been known to use a similar method to imitate legitimate email addresses, sometimes mail providers start to mark these messages as spam or block them altogether. Verifying your domain lets mail providers know your company has given Greenhouse permission to send emails on your behalf, which should drastically improve your overall deliverability rate.

Click here for more IT-specific resources on email domain verification.

Verify email domain in Greenhouse Recruiting

A Site Admin should work with your internal IT team to verify your domain inside of Greenhouse Recruiting. This step is essential to ensure your messages aren't flagged as spam or rejected by third-party mail providers.

Note: If your organization has a strict "aspf" or "adkim" DMARC policy, read the following section of this article before continuing with email domain verification: Verify email domain without using gh-mail subdomain.

Click the Configure icon from the navigation bar and select Email Settings on the left.

Enter your organization's email domain in the Email Settings page and click Register.

Example: Your email domain is the text that comes after the @ sign. For example, for the email address, the email domain is You don't need to include the @ sign in the field in Greenhouse Recruiting.

Ask your IT team to add the files to your DNS setup

Once you've registered your company's email domain, your IT team will need to add special files (called SPF, DKIM, MX, and CNAME records) to your email configuration to complete the setup.

To automatically send directions and the files to your IT team, click Email Your I.T. Dept and enter their address in the field.


  • If you don't have an IT team, look for whoever manages the DNS for your email domain. Most likely, you can forward these records to someone in your IT department, and they should know what to do.
  • For organizations using web hosting services with the domain implied (such as GoDaddy or SquareSpace), the records populated after clicking Email your IT Department must be edited further to successfully verify your domain. Click here to learn more.

Test domain verification in Greenhouse Recruiting

Once the records have been added by your IT team, check the Email Settings page to ensure the domain is verified.

To run a test in Greenhouse Recruiting, click Show verification details, and then click Check DNS Records Now to receive an up-to-date status of your domain’s verification progress. When you've received a successful result, your domain is verified.

Note: It may take up to 48 hours for DNS changes to appear online. If your new domain doesn't show as Verified right away, try checking again in a couple of hours.

IT resources

The following sections are meant to provide additional explanations for the people configuring the DNS for your organization.

The gh-mail subdomain

When registering a new domain, Greenhouse Recruiting will automatically append the subdomain gh-mail to your existing domain. Greenhouse Recruiting adds this domain to avoid the following problems when registering your root domain:

  • Your IT team may have strict policies on adding new DNS records to your root domain
  • Your root domain may already have been registered with our email provider (Mailgun)
  • Your root domain’s SPF record may have already generated the maximum 10 DNS Lookups

From your user's perspective, this subdomain changes nothing - they can continue to send and receive email addresses from their normal email addresses in Greenhouse recruiting as normal. From an IT perspective, this merely avoids common complications that can impede your organization's ability to reliably send emails with the application.

If you have any questions about the gh-mail subdomain, click here to connect with Greenhouse Technical Support.

Note: If you have other requirements that aren't covered in this article, you may be able to use one of our email setup options that send email using your own email infrastructure. These are paid options that require someone from your IT team to work with one of Greenhouse's solutions engineers on a custom SMTP setup. Learn more here: Custom SMTP.

Verify email domain without a gh-mail subdomain

Some companies employ a strict security policy on their domain that prohibits use of the gh-mail subdomain. Since the gh-mail subdomain is automatically added when a domain is registered in Greenhouse Recruiting, a company with a strict domain security policy won't see successful emails even though they've correctly followed the steps in the sections above.

If your organization has a strict DMARC policy, register your domain without the gh-mail subdomain following the steps below:

Select the Configure icon Configure-icon.png on your navigation bar, then click Email Settings on the left.

If your domain is registered already with the gh-mail subdomain, remove the entry entirely.

Enter your domain with an exclamation point ( ! ) preceding the domain name. This notation tells Greenhouse Recruiting to not add the gh-mail subdomain:

Click Register when you're finished to generate the SPF and DKIM records. When you're done, verify your email domain in the section above.

MX record

While MX records generally are used to have emails delivered to your team’s address, most email clients check for the presence of MX records when receiving an email as a part of spam filtering. Major DNS providers will create an MX record on new root domains by default.

However, since the gh-mail subdomain was created specifically for use with Greenhouse, it does not automatically have an MX record. When an email does not have an MX record, it is often treated as spam or marked as suspicious by email providers.

To avoid this issue, you'll need to add an MX record to the gh-mail subdomain in your DNS. Replies to emails sent from Greenhouse will not be routed back to Mailgun, our email provider.

Note: We recognize that some organizations are wary of adding new MX records as they can be used by bad actors to reroute emails so they do not appear to be coming from the intended recipient. However, the gh-mail subdomain will only be used on the envelope of the email, which is invisible to the sending and receiving user. This infrastructure also means the gh-mail subdomain will not be used to send any emails and does not receive any responses when an email is sent to a gh-mail subdomain email address.

CNAME record

Adding the optional CNAME record helps the Greenhouse Technical Support team better monitor and troubleshoot email deliverability issues for messages sent from Greenhouse Recruiting. When a CNAME record is added, Greenhouse Technical Support has the ability to track if a given message was opened or not by the recipient.

Note: Only the Greenhouse Technical Support team has access to check if an email was opened or not. This tracking is not accessible to Greenhouse Recruiting users.

DKIM record

By default, Greenhouse Recruiting generates a 2048-bit DKIM key that is approximately 392 characters long. However, some hosting services including AWS Route 53, only allow DKIM keys with a maximum length of 255 characters.

If your DKIM records have a character limit and need to be shorter than the default 2048-bit key, check the box Use shorter DKIM key when registering your domain.

Remove email domain from Greenhouse Recruiting

In some cases, it may be necessary to remove a previously registered email domain from Greenhouse Recruiting. To remove an email domain, click the Configure icon Configure-icon.png on your navigation bar and then click Email Settings on the left.

Click Show verification details to view your previously registered email domain. Click Remove to remove the email domain from Greenhouse Recruiting.