You can host the email for your domain(s) with FastMail, providing you have an Enhanced/Premier personal account, or a business/family account. Our pricing table lists how many domains and aliases each account type may have.
Business and family accounts can create users in their own domain. Personal accounts must remain in one of the FastMail domains. This just means you have to use your FastMail username to log in: you can still send and receive mail exclusively with an alias at your domain.
Add your domain(s) (e.g.
yourdomain.com) in the "Virtual Domains" section. Just type the domain into the text box on the left, then click the "Add" button on the right. You can ignore the other columns for now (there's a detailed description of each of them below).
firstname.lastname@example.org). Leave the "Target" for the domain address(es) as your FastMail address. See our aliases help page for more information on the other options available.
Point the DNS records of your domain(s) to us. Log in to the control panel supplied by your domain registrar, then either:
At your registrar, look for where you can change the "name servers" for your domain. You want to make sure there are only two values, and that the two values are:
With this option, we host your DNS and automatically make sure all the correct entries are set for your email. We also provide a control panel for full customisation of your DNS records should you need it. Our nameservers are fast, reliable and secure, and our web interface for managing DNS is simple, but powerful enough to allow any number of records of any type.
Alternatively, you can just set the mail exchanger records for your domain (MX records) to point at us. Use these as the mail exchanger servers:
If you want email for sub-domains to come to us as well, you also need to set the MX records for
*.yourdomain.com to the above values as well.
Some DNS providers require that you put a
. on the end of the MX server names (e.g.
in1-smtp.messagingengine.com. rather than
in1-smtp.messagingengine.com). Try the version without a
. first, and if the DNS provider appends anything, try the version with the
We recommend that you choose option 1 (host your nameservers with us) if possible so we can ensure that all the appropriate DNS records are set up automatically for reliable email sending and receiving.
If you choose to just point your MX records at us, please see the section below on setting up DKIM for your domain. If you don't do this, it's much more likely that some systems will mark email you send as spam. We handle this automatically for you if you host your nameservers with us.
That's it! It may take up to a day for the changes to propagate across the internet (see our note below on TTL values), although normally it's a lot faster: just a matter of minutes. Messages sent to the aliases you added above should now arrive in your Inbox.
While you're all set up to receive mail sent to your domain now, to send mail with the
From address at your domain, you now need to create a personality with the address you wish to use.
The DNS column shows whether we think the MX records for the domain currently point to us:
You can use this information to confirm that the MX records for your domain are correct.
When you use a your own domain, you can control how FastMail handles sub-domain addressing for your domain. The last column on the domains screen labelled Subdomain? email@example.com as: controls this. The options are:
firstname.lastname@example.org resolved to
email@example.com resolved to
When sub-domain addressing is disabled for your domain, this can mean two things:
With email, it's easy to have multiple domains that "mirror" each other. So you might have
example.com.au, and you want any email address for
example.com to work for
example.com.au as well. To set this up:
example.com), and create all your domain aliases and accounts in that domain.
*@example.com.au) and set the target of that alias to
*@example.com. Then any valid email address at
example.com, will also be valid at
example.com.au. Note that this only works for email addresses; for websites, you have to explicitly create the website for each domain, or set up a redirect to the primary domain.
When you change the DNS nameservers or MX records for your domain, it can take a while before everywhere gets the new values. This is because DNS entries have a TTL (time to live) value associated with them, which tells systems how long they can cache a DNS value. Usually this value is something like 10 minutes or an hour, but it can be many days. Once a system has cached a value, there's no way to force it to be cleared, you just have to wait the TTL time for the entry to expire.
Generally this isn't a problem, but it can be worth checking the TTL times on your existing DNS entries at your current DNS host before you change them to us. One way to ensure that the change over is fast is to do the following.
DKIM is an email authentication standard that allows you to sign email you send with a particular domain, and for receivers of the email to confirm that the email was signed by that domain and hasn’t been altered. All email sent by FastMail is DKIM signed.
In the original design of the DKIM, the domain that signed the email had no particular relationship to the domain in the
From address of the email. This was particularly useful for large email providers like us. We have 10,000′s of domains, but would sign all email with just our "generic" messagingengine.com domain. However, this is now changing. Standards like Author Domain Signing Practices explicitly link the domain of the email address in the
From header to the DKIM signing domain. Also Gmail shows any email sent with a
From domain that’s different to the DKIM signing domain with an extra "via messagingengine.com" notice next to the sender name.
It's therefore better for email sent from your custom domain to be signed by that domain. If you host your DNS with FastMail (our recommended option 1 in step 4 of the domain set up guide above), then we handle this automatically and you do not need to do anything. If you only point your MX records at us, however, you will have to set this up separately.
You only need to do this if you only host your MX records with us. If you host your name servers with us, we will do all this for you.
Important: Note that you have to add the TXT record for the domain name shown in the DKIM signing keys section, which will be
mesmtp._domainkey.yourdomain.com. Do not add it for the base domain name
yourdomain.com, that won’t work.
As every DNS provider is different, we are unable to offer more specific instructions on how to create a TXT record with them. If you are having difficulty, please contact your DNS provider directly for assistance.
Initially each domain is marked as DKIM disabled (Enabled column = [ ]). While a domain is DKIM disabled, we won’t sign any sent emails. This is to avoid DKIM signing failures when the receiving side tries to lookup the public signature and fails to find it. We regularly check each domain to see if the correct public key TXT record is being published. If it is, we mark the domain in our database as "DKIM enabled" (Enabled column = [*]), and then begin signing sent emails.
There’s currently no way to change the public/private key used to sign emails or upload new ones. We always generate our own key pair for each domain and use the DKIM selector "mesmtp" to sign emails. This shouldn’t be a problem. If you’re transitioning from another provider to FastMail, you can use our custom DNS to publish the DKIM record of the previous provider with its selector as well as our own during the transition. Vice-versa for transitioning away from FastMail. The only other reason to change the selector would be if the private key was compromised, which should never happen as it’s stored securely within FastMail’s system.