Pardot Domain Setup: A Step-by-Step Guide

Clients or consultants don't need to be anxious about their Pardot domain setup. It's pretty easy when you know what to do. Here's a guide!

Pardot Domain Setup: A Step-by-Step Guide

I’ve encountered many people scared at the idea of updating DNS records to set up their email domain in Pardot. In reality, I don’t think clients or consultants need to be anxious about this. It’s a pretty easy process when you know what to do.

Granted, if you accidentally delete an ‘A’ record or amend the wrong thing in your domain’s DNS, you could break the company website and suddenly stop emails being sent and received… but follow instructions to the letter and this shouldn’t happen!

In short, configuring your domain DNS for Pardot means adding records to the domain, not editing or removing any (except for the SPF record which we will get into).

Let’s dig into each part of the process step-by-step.

What is ‘DNS’?

DNS stands for Domain Name System. In a nutshell, DNS translates domain names into IP addresses, which browsers then use to load web pages. Think of it as a phonebook for the internet.

For the purpose of setting up your Pardot domain, you don’t really need to understand more about DNS, other than to know that it’s where your domain records live. Domain records are essentially little instructions for the domain that help browsers understand more about a domain and how to interact with it. 

You’ll find your DNS in whichever registrar you used to purchase your domain or within the settings of your chosen website host, depending on your website setup. Popular domain and hosting providers include Kinsta, Bluehost, GoDaddy, Cloudflare, 123Reg, and Siteground.

Some hosting providers provide in-platform email features but most of the time, we want to use external email clients like Outlook or Gmail. For example, to use @marcloudconsulting.com as my email domain instead of @gmail.com, the DNS for marcloudconsulting.com needs to be configured correctly.

The same concept applies to sending emails from a custom domain in Pardot. In order for servers to use your domain for emails, and to ensure the best deliverability rate, the DNS must contain the right instructions.

For the below, you will need Pardot Administrator permissions and you will need to head to Pardot Settings > Domain Management.

Email domain setup for Pardot

Screenshot of the MarCloud domain in Pardot

So, to send emails using your domain from Pardot, you need to first tell the internet that Pardot does have permission to do so. It’s a necessary step to prove that your company is the legitimate sender of your emails and would be the case for any other email marketing platform too.

Email servers are constantly looking for levels of authentication because we live in a world where scammers will buy email lists and blast emails whilst disguised as another company. 

Check the sender information the next time you receive a spam or scam email. It’s often sent to ‘look’ like it’s from @apple.com but it is accompanied by a message of ‘sent via …’. This can mean there is no authentication in place and the sender isn’t who they say they are. 

The first and most basic authentication check is the ‘SPF’ (Sender Policy Framework) record and then ‘DKIM’ (DomainKeys Identified Mail). These are both compulsory in Pardot so you must have these levels of authentication set up. 

You’ll also require a third ‘validation’ via a ‘TXT’ record. This is relatively new to Pardot. So new, in fact, that I only noticed MarCloud’s account had a ‘Legacy verified’ notice the other day (Jan ‘23). I hadn’t seen this before! I assume that because our domain was already authenticated we didn’t need to re-authenticate. 

To recap, you’ll need to set up three elements in your DNS:

Here’s a video guide on how to configure the SPF and DKIM for Pardot, but scroll further for text instructions and additional key information! It was recorded some years ago in a loft in Lisbon so you may notice slight differences in the account interface/terminology.

SPF record

The SPF record to add to your DNS for Pardot is:

v=spf1 include:aspmx.pardot.com ~all

Screenshot of the MarCloud SPF record setup

If an SPF record exists in your DNS already, you can copy and paste the include:aspmx.pardot.com part into the existing SPF string.

For companies that have a more technical setup, you should consult with your IT team to work out the best approach to your SPF setup. Some companies have lots of records (more than 10) so you can use a process called ‘flattening’ which allows you more flexibility and more records.

Diagram showing how SPF authentication works

Source: Email on Acid

The steps for adding an SPF record differ among DNS providers, so you’ll need to check the documentation for the provider you use. For example, in Cloudflare, the ‘@’ symbol is used to ‘point’ to the root domain marcloudconsulting.com. Other providers may use a different symbol. Some providers also only allow ‘TXT’ records and there’s no mention of ‘SPF’. If this is the case for you, a TXT record will do the trick.

Screenshot of a TXT record

DKIM aka DomainKey

Diagram showing how DKIM authentication works

Source: Email on Acid

‘DKIM’ stands for ‘DomainKeys Identified Mail’ and this is the final part of the compulsory email domain setup in Pardot.

This one prevents someone from pretending to be you and, as shown in the diagram above, this is checked in combination with the SPF record to authenticate the sender. 

Simply add two TXT records on the DNS with the unique values that Pardot provides you. To find the records to add:

  1. Go to Admin > Domain Management
  2. Click to ‘Add a New Domain’ 
  3. Enter the domain you’d like to send from (you must own and have access to this domain, of course).
  4. Click ‘Create Domain’.
  5. The page will reload with error notices in the columns for SPF, DomainKey Policy, and DomainKey. Click the ‘Expected DNS Entries’ link under ‘Actions’.
  6. This will reveal the pieces of code that need to be configured in your DNS.

Your records will look something like this:

Screenshot of the MarCloud domain key in Pardot

From here, it’s a copy-and-paste exercise using your DNS provider’s documentation on how to create the records.

New ‘validation’ TXT record

Following the same process you did to create/edit the SPF record in your DNS, you’ll need to add a new TXT record that looks something like the below but with a string unique to your specific Pardot account (don’t copy and paste the exact record below!):

sending_domain123456=abcde12345l0tsoflettersandn3mber3857384

This TXT record is a unique record that specifically validates and lets Pardot send emails from your domain. 

Screenshot of the MarCloud validation key in Pardot

Optional: DMARC setup

‘DMARC’ which stands for ‘Domain-based Message Authentication Reporting and Conformance’ is an extra step to help with email deliverability. This checks both the SPF and DKIM records and then applies a policy based on the results, allowing the email to either go to the inbox, spam, or quarantine (not delivered). 

Its purpose is to tell the recipient email server what to do once it has checked the SPF and DKIM records. So, think of it as a little instruction for the recipient domain. 

Diagram showing how DMARC works

Source: https://www.agari.com/blog/pros-cons-dmarc-reject-vs-quarantine

While DMARC isn’t compulsory for your Pardot email-sending domain authentication, it’s definitely a good idea to implement it on your domain. Consider it the ‘cherry on top’ when it comes to email authentication. 

DMARC isn’t something you’ll find mentioned in your Pardot account, so head to your domain provider for instructions. Here’s how the MarCloud one looks though:

Screenshot of the MarCloud DMARC record

Verify and start emailing!

Once Pardot recognises that the compulsory domain setup is in place correctly, you’ll see three neat green ticks appear where there were error notices before.

Screenshot of the MarCloud domain in Pardot

You’re now ready to start sending emails! Before you celebrate too hard, the next task is configuring your tracker domain, which is a whole separate topic and therefore, I’ve written a guide to Pardot tracker domain setup too.

If at any point you become stuck, don’t be shy, reach out to the team here at MarCloud and we’ll see if we can help. We won’t touch your DNS but we can point you in the right direction, as well as offer other types of Pardot support and consulting.

Tom Ryan headshot

Tom Ryan

Founder & CEO of MarCloud, Tom has been on both sides of the fence, client-side and agency, working with Salesforce platforms for the best part of a decade. He's a Salesforce Marketing Champion and certified consultant who loves to co-host webinars and pen original guides and articles. A regular contributor to online business and marketing publications, he's passionate about marketing automation and, along with the team, is rapidly making MarCloud the go-to place for Marketing Cloud and Salesforce expertise. He unapologetically uses the terms Pardot, Account Engagement and MCAE interchangeably.

Featured resource

Checklist cover page with the text Pardot Implementation Checklist

Pardot Implementation Checklist

Starting out with Marketing Cloud Account Engagement, formerly known as Pardot, is no easy feat. Set yourself up for marketing automation success with this step-by-step checklist for implementing Account Engagement (aka Pardot). Work through the stages and get in touch if you need support!

Download Pardot Implementation Checklist

More recent posts

B2BMA Nirvana by MarCloud logo and illustrated characters

Ready to reach marketing nirvana?

Our market-leading framework, 'B2BMA Nirvana by MarCloud', addresses every part of Account Engagement (Pardot) and your Salesforce ecosystem. Using this framework, MarCloud experts have the wisdom and experience to guide you on the path to complete marketing and reporting clarity.

Reach the highest state of Salesforce marketing so you can save time, deliver quality leads, and generate more revenue using Marketing Cloud Account Engagement (Pardot) and other Salesforce platforms. Whatever your current circumstance, we'll get you to a place where everything works.

B2BMA Nirvana by MarCloud
Desk Character Image

Need a hand getting the most out of your Pardot or Marketing Cloud account?

MarCloud is a team of certified Pardot, Marketing Cloud, and Salesforce specialists. We help businesses to unlock the potential of marketing automation. Ready to save time, deliver more quality leads, and generate more revenue? Here's how we help.

View support services