How to set up DNS records with Gandi

If you own a domain — for example, mydomain.com — ProtonMail allows you to create a custom email address that uses your domain name instead of the regular @protonmail.com, @protonmail.ch, or @pm.me. 

To set up a custom domain email address with Gandi and use it to exchange emails, you need to change your domain DNS records.

If you are interested in other domain registers, you can read our guides for Amazon Web ServicesGoDaddyCloudflareNamecheap, OVHBluehost, and Google Domains.

If you own a domain from a different registrar, set your custom email address with the help of our guides for DNS records setup and anti-spoofing measures (SPF, DKIM, and DMARC).

Add your custom domain in ProtonMail

1. Log into your Proton Account at account.protonmail.com and go to Settings -> Organization -> Custom Domains.

2. Select Add Domain. This will take you to step 1 of the setup wizard.

3. Type in your domain name and Next.

4. Enter your Proton password and Submit.

Verify that you own the domain

1. Log in to your Gandi account, go to Domain and select the domain you want to use.

2. In the DNS Records tab, select Add.

3. Create the following record:

Type: TXT
TTL: Select a low value to update your DNS record faster.
Name: @ (If the @ value isn’t accepted, enter your domain instead)
Text Value: Go back to the ProtonMail custom domain setup window. Copy the text in the VALUE / DATA / POINTS TO column and paste it in the Text value field.

4. Save the record and go back to the ProtonMail setup window to Verify your domain.

Please note that you may have to wait up to 24 before you can move on to the next step.

Create MX records in Gandi

1. Similar to the steps above, access DNS Records and Add new record. 

2. Enter and save the following values:

Type: MX
TTL: Select a low value to update your DNS record faster.
Name: @ (If the @ value isn’t accepted, enter your domain instead)
Priority: 10
Hostname: mail.protonmail.ch.

Warning: The final dot (.) at the end is important. If you leave this out, your record will not work.

3. Create a second MX record using these values:

Type: MX
TTL: Select a low value to update your DNS record faster.
Name: @ (If the @ value isn’t accepted, enter your domain instead)
Priority: 20
Hostname: mailsec.protonmail.ch.

Warning: The final dot (.) at the end is important. If you leave this out, your record will not work.

Create SPF, DKIM, and DMARC records

For security reasons, we recommend adding SPF and DKIM records. Setting up DMARC is an optional, advanced feature.

Read more about SPF, DKIM, and DMARC.

SPF and DMARC records are set up in a similar way to setting up TXT records.

1. Access DNS Records and Add new record. 

2. To create the SPF record, enter these values:

Type: TXT
TTL: Select a low value to update your DNS record faster.
Name: @ (If the @ value isn’t accepted, enter your domain instead)
Text Value: v=spf1 include:_spf.protonmail.ch mx ~all

3. To set up the DKIM record, enter these values:

Type: CNAME
TTL: Select a low value to update your DNS record faster.
Name:  protonmail._domainkey
Hostname: Go back to the DKIM section in ProtonMail custom domain setup window. Copy the text in the VALUE / DATA / POINTS TO column and paste it in the Text value field.

To add a second and third DKIM record, repeat these steps with the appropriate record names “protonmail2._domainkey” and “protonmail3._domainkey”.

4. To set up the DMARC record, enter these values:

Type: TXT
TTL: Select a low value to update your DNS record faster.
Name: _dmarc
Text Value: Go back to the DMARC section in ProtonMail custom domain setup window. Copy the text in the VALUE / DATA / POINTS TO column and paste it in the Text value field.

Choose your email address

Add your new address in the ProtonMail window by choosing your username, the display name, and your email signature.

You should now be able to use your new custom domain email address.