Configurable security

Our top priority is to make your DocuSign experience safe and secure, and it’s our intention to provide the most robust and reliabile service possible to enable your business transactions. We also want to proactively share information that may be of interest to you regarding our service and understand the requirement to configure security to the needs of your organization. This page outlines our configurable security features.

Whitelist for DocuSign service

DocuSign customers can configure their spam filters and other software to allow for the following whitelisted domains to be accepted.

Domains to white list:

We recommend allowing all subdomains under the following domains:

  • .docusign.com
  • .docusign.net

Akamai CDN:

To enhance network performance and security, DocuSign uses Akamai CDN for static content distribution. DocuSign browser applications use outgoing connections to docucdn-a.akamaihd.net.

IP addresses for DocuSign service

Customers can elect to explicitly allow Internet addresses advertised by our service.  It’s important for those customers to keep up-to-date with our current IP address ranges.

Current and continuing for North America-based and demo accounts:

  • 162.248.184.1 through 162.248.187.254
  • 54.149.21.90
  • 54.69.114.54
  • 52.25.122.31
  • 52.25.145.215
  • 52.26.192.160
  • 52.24.91.157
  • 52.27.126.9
  • 52.11.152.229

Current and continuing for European Union-based accounts:

  • 185.81.100.1 through 185.81.103.254
  • 52.28.168.105

Support for Sender Policy Framework (SPF) record checking

To flag and quarantine malicious spam on your mail servers, you should enable both Sender Policy Framework (SPF) lookup functionality and Domain-based Message Authentication, Reporting & Conformance (DMARC). The combination of these technologies helps to protect from malware spam attacks. You can learn more about SPF at http://www.openspf.org/ and DMARC at http://www.dmarc.org/.