QA in the HIIV — Issue 010
A DNS change where "looks verified" and "lands in the inbox" are not the same thing
Welcome to issue ten. Every day, we show you what QA is putting through its paces, what could break, and why you should care. Let's get into it.
Synopsis
Custom sending-domain setup. A creator points their own domain at beehiiv for sending and web hosting; we generate the DNS records (SPF, DKIM, DMARC, CNAME) and verify them before flipping the publication's mail over to send from the new domain.
What needs to be QA'ed
Verification passes only when SPF, DKIM, and DMARC actually resolve — not on a partial or cached lookup
The cutover sends nothing from the new domain until authentication is confirmed
Stale DNS caching can't mark a publication "verified" and then send it from an unauthenticated domain
A failed or half-propagated setup falls back to the old domain rather than sending unsigned
Web hosting (CNAME) and email auth are validated independently — one passing doesn't imply the other
Reputation warm-up is respected; we don't blast full volume from a cold domain on day one
Errors name the exact missing record — not a generic "try again later."
Why it matters:
Sending-domain setup is invisible right up until it isn't. A misconfigured SPF or DKIM record doesn't throw an error — the email just quietly lands in spam, opens a crater, and the creator has no idea why. By the time anyone notices, the domain's reputation is already damaged, and weeks of deliverability work are gone. "It looked verified" is the most expensive sentence in an email; verification has to mean the inbox, not the checkmark.
See ya next time with more QA and why it matters!
Enjoy, Tina
This content is 100% fictional and made by AI for testing purposes