We’re sorry. We could not find a match for your search.

We suggest you try the following to help find what you’re looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try "application" instead of "software."
  • Start a new search.
Cloud Account Sign in to Cloud
Oracle Account

This guide brings you through the basic steps to migrate your Dyn Email Delivery service or Dyn Email Delivery Express service to Oracle Cloud Infrastructure (OCI)’s Email Delivery Service. The guide covers initial setup of Oracle Cloud tenancy and accounts, and configuration of email sending domains, SPF, DKIM, approved senders, and suppressions.

Product Parity

OCI is working on adding more features to OCI Email Delivery to match those in Dyn, for general availability in the immediate coming months. In addition to reputable email delivery, OCI currently offers other core features such as bounce and complaint collection, email authentication standards, deliverability performance including possible dedicated IP resources, detailed and summary activity reporting, and a host of other features offered through tight integration with other Oracle Cloud services.

As of this writing, we are working on features such as open and click engagement tracking, HTTPS sending, custom headers, approved (wildcard) domains, custom return path, and others. We are also working on tools to help migrate accounts with sizable approved sender and suppression lists. For more information on availability and timeline, please reach out to migrations@dyn.com.


To migrate from Dyn Email Delivery service or Dyn Email Delivery Express service to Oracle Cloud Infrastructure, follow these steps:

  1. Collect your Dyn Email Delivery data
  2. Create an Oracle Cloud Infrastructure (OCI) account
    a. Create users and groups
    b. Create compartments (optional)
  3. Configure your OCI Email Delivery service settings
    a. Create users and groups
    b. Create compartments (optional)
    c. Email Domain(s)
    d. DKIM + SPF
    e. Approved Sender(s)
    f. Suppression List, if applicable
  4. Start sending!

Collect your Dyn Email Delivery data

We recommend migrating both your Approved Senders and Suppression List. Any remaining configurations should be done fresh in Oracle Cloud.

  1. Log into your Dyn Email Delivery or Dyn Email Delivery Express account using your DynID credentials.
  2. In each subaccount that you send through, click Approved Senders in the main navigation menu and record your senders list using whatever method is easiest for you. Note that DKIM and SPF data cannot be migrated over; you will need to set these up freshly in OCI Email Delivery (see below).
  3. Click Suppression List in the main navigation menu and then click “Search” to display the list.
  4. Click Export this list. The suppression list will either be downloaded to your computer as an CSV file right away or if the list is long, you may receive an email with a link to download the list when the export is ready.


  • Your approved sender and suppression lists can also be gathered using the Dyn Email Delivery API. See GET /senders and GET /suppressions for more details.
  • With approved senders and subaccounts, focus on what is active and not abandoned. If you used an approved sender address five years ago, but no longer need it, you would not need to include that for OCI.
  • Open and click data cannot be imported into OCI ED and therefore doesn’t need to be exported.

Create an Oracle Cloud Infrastructure (OCI) account

Oracle Cloud Infrastructure requires an account (“tenancy”) be created to support setting up cloud services such as Email Delivery. In addition, since OCI utilizes a different means for authenticating web and SMTP users, these accounts must be configured fresh there. Existing Dyn credentials cannot be transferred from Dyn to OCI.

If you do not yet have an account, you can start with a free account. Oracle Cloud’s Free Tier includes a practical amount of infrastructure and services to get started, including allotment to send up to 100 emails a day to test out the service. You will have to enter a credit card, but it is not billed.

Before setting up Email Delivery, consider how best to logically separate your email configuration and activity, if needed. Dyn Email Delivery uses sub-accounts to segment email sending and reporting, and helps in controlling access. OCI uses “compartments” to do this, allowing you to organize and isolate your cloud resources such as approved senders. For more information and to create Oracle Cloud Infrastructure compartments, see Managing Compartments.

Unlike Dyn Email Delivery, Oracle Cloud Infrastructure provides a robust set of permission features that allow you to set up granular permission policies to manage access to various elements of the Email Delivery service, including sending and approved sender creation permissions. For more information, see Overview of Oracle Cloud Infrastructure Identity and Access Management. This includes the recommended use of Groups to help organize with similar access, and grant them appropriate access to manage resources.

Once you have your tenancy created, you have the option to set things up manually using the OCI web console, or you can look at scripts provided here to utilize Oracle Resource Manager and the Terraform CLI to automate setup and management.

Configure your OCI Email Delivery service settings

Oracle Cloud offers a robust set of services and security control options to support even the most complex requirements. However, you can get started for reputable sending relatively quickly.

Below, we offer condensed steps for a minimal setup in OCI Email Delivery. You can also consult the Getting Started with Email Delivery guide for more detail.

A word about regions: Oracle Cloud is a region-based service, unlike Dyn Email Delivery which has a single set of global endpoints. You will want to consider which region(s) of Oracle Cloud to set up in, as each region requires its own setup. For now, you can just pick the region closest to where you are to get started.

The ideal way to think about this: where do your users reside in the world and are there restrictions within those countries as relates to where email comes from? If you have an Australian-based arm of your company, you could set up a region there and another one for U.S-based affairs, etc.

Minimum Requirements for OCI Email Delivery Configuration

  • SMTP Credentials
  • Policy to allow Email Delivery configuration
  • Email Domain(s)
  • DKIM + SPF (highly recommended)
  • Approved Sender(s)
  • Suppression List, if applicable

Generate SMTP Credentials

SMTP credentials are added to a User within your tenancy for use in submitting emails to OCI for delivery. Credentials used to authenticate into the OCI web console are different and not used for email submission.

  1. Open the navigation menu. Under Identity and Security, click Users.
  2. Either create a user for dedicated use in submitting email, or locate an existing user in the list. Click their name to view details.
  3. Under Resources in the left sidebar, click SMTP Credentials.
  4. Click Generate SMTP Credentials.
  5. Enter a Description of the SMTP Credentials in the dialog box.
  6. Click Generate SMTP Credentials. A user name and secure password are auto-generated and displayed.
  7. Copy the username and password for your records and click Close.

Add IAM Service Policy to Allow Email Delivery Configuration

OCI uses Identity and Access Management (IAM) policies to help control access to cloud resource management. Email Delivery offers a single policy or more granular policies, depending on your needs. To enable all operations on all email resources for a specific user group, use the following policy:

Allow group [Your Group Name] to manage email-family in tenancy [Your Tenancy]

There are other policies you will want in place, especially when accessing logs and managing suppressions. See Creating User Permissions in the OCI Email Delivery documentation for more detail.

Add Email Sending Domain(s) to Your Account

OCI uses Email Domains to help ensure good email delivery reputation using important, industry-standard authentication measures. For more information, see Managing Email Domains.

For each of the domains you will send email from:

  1. Search the navigation system for “Email Delivery”, or open the navigation menu and click Developer Services, then click Email Delivery. In the Email Delivery sidebar menu, click Email Domains.
  2. Ensure that you are in the correct compartment (under List scope in the left sidebar). Your user must be in a group with permissions to manage email domains in this compartment.
  3. Click Create Email Domain.
  4. Enter your email sending domain name, the one you plan to use for your “From” email address. This should be a domain you own or control in DNS, since measures used to establish verification and authentication require a DNS record or similar actions.
  5. Click Create Email Domain. The new domain will appear on its new detail page.
  6. We recommend enabling logs for all sending domains. Under Email Logs, click Logs.
  7. Enable Outbound Accepted and Outbound Relayed logs by enabling the Enabled sliders for each.

Set up DKIM for your Email Domain(s)

DKIM (DomainKeys Identified Mail) is an important step to ensure email you send reaches the inbox and is considered reputable. It utilizes DNS records to help achieve cryptographic signing of emails, ensuring the email is seen by inbox providers as genuine.

Ideally, DKIM should be set up fresh with new signing keys especially if you are currently using less secure 1024-bit or less encryption strength; OCI Email Delivery defaults to using strong 2048-bit encryption. OCI also encourages the use of CNAME records for setting up DKIM (in contrast to the TXT record method used in Dyn), which will eventually allow for easy key rotation.

To set up fresh DKIM manually, see the guide to Setting up an Email Domain with DKIM for helpful steps, including links to documentation for several popular DNS providers. While you can attempt to send some test mail without DKIM set up, we highly recommend setting up DKIM right away to avoid delivery issues later.

Configure SPF

SPF (Sender Policy Framework) is an important, industry-standard measure to let email inbox providers know that OCI Email Delivery is allowed to deliver emails on your behalf. Like DKIM, SPF uses DNS records. See the guide to Configuring SPF for easy steps to set up this important permission. Note that SPF is set up by region; so, using the Australia example above, you would want to use the includes for the specific regions you are sending from.

Add Approved Senders to Your Account

Like Dyn Email Delivery, OCI uses Approved Senders to help ensure good email delivery practices, segment sending activity and reporting, and strengthen use of other features. Each “From” address you plan to use must be added as an Approved Sender. See the guide to Creating an Approved Sender for more helpful information and steps.

Instead of adding Approved Senders manually, you can also use a host of Developer Tools and Resources including Terraform, SDKs, and the OCI CLI to programmatically add senders. This can be combined with the Dyn Email Delivery Approved Senders APIs to perform a seamless migration of all senders.

Add Email Addresses to the Suppression List

Email Suppression Lists are important to ensure good delivery reputation. You do not need to add suppressions in order to start sending but we recommend importing any existing suppression list you have, including ones from Dyn Email Delivery, to maintain your sending reputation.

You may have a large-enough suppression list that adding them one by one is simply not practical. You can use various Developer Tools and Resources in creating automation to add suppressions, and couple that with the Dyn Email Delivery Suppressions API or read from the CSV file you exported earlier.

To add an email address to the suppression list individually:

  1. Open the navigation menu. Under Solutions, Platform and Edge, go to Email Delivery and click Email Suppression List.
  2. Click Add Suppression.
  3. In the Add Suppression dialog box, enter the email address.
  4. Click Add. The email address is added to the Suppression List.

Start Sending!

With your SMTP credentials, email domains, important authentication measures, and approved senders in place, you can start sending. See the guide to Configuring SMTP Connection for info on the region-based connection endpoints and TLS requirements, and Sending an Email for a review of the important setup pieces, and links to API and SDK documentation.

Aside from programmatic ways to send email, you can also use tools such as swaks to do very basic send tests using your new configuration.

To check the results of your sending:

  1. Login to the OCI web console.
  2. Open the navigation menu and click Observability & Management. Under Logging, click Search.
  3. In the Custom Filters, enter a filter to use, such as the following to search for a particular recipient:
    data.recipient = testing@company.com
  4. For each email that was successfully delivered, you should see two entries: one for the “Accepted” action (OCI Email accepted the email submission), and another for “Relayed” action (the recipient email provider accepted the mail for delivery).

OCI is constantly working on adding features to its services, including Email Delivery. See the OCI Email Delivery documentation for details.

Custom Return-Path

The Return-Path address is located in every outbound message's header. By default, we use our own Return-Path address for all customers. We offer the ability to customize this for a few reasons:

  • Reputation
  • Most effective whitelistings
  • DMARC (SPF) alignment

We strongly recommend when migrating your Dyn account to OCI Email Delivery, to request this for any sending domain you are using. In OCI, we have the ability to match any sending domains with their corresponding custom Return-Path. Dyn could only achieve one per master account. Taking advantage of this feature will greatly help your domains deliverability.

Read more information and steps to get a custom Return-Path set up in OCI.

Cancel Dyn Email Delivery Service (enterprise accounts)

You can cancel your Dyn Email Delivery enterprise account by emailing customersuccess@dyn.com. Note this is not done automatically once you start sending through OCI Email Delivery. Once you are fully done with Dyn Email Delivery, let us know via that email address ASAP.

Cancel Dyn Email Delivery Express Service

After you have fully moved over to OCI Email Delivery and are ready to cancel your Dyn Email Delivery Express service account, login to your account at account.dyn.com with your eCommerce username and password.

  1. Under My account, click My Services.
  2. Next to Email Delivery Express, click View.
  3. Click Request Cancellation