Documenso
Policies

Verifying Emails from Documenso

How to confirm that an email is genuinely from Documenso, and what to do if you receive a suspicious message.

Check the Sender Domain

All email sent by Documenso originates from one of the following domains. If you receive an email claiming to be from Documenso and the sender address does not end in one of these domains, treat it as suspicious.

DomainUsed for
app.documenso.comTransactional email
documensomail.comTransactional email
Custom domainEnterprise organisations using a custom email domain

Typical sender addresses include:

  • noreply@app.documenso.com
  • noreply@documensomail.com

A misspelling such as documenso-mail.com, documensomaiI.com (capital i instead of l), or any other variation is not a Documenso domain.

Types of Email Documenso Sends

Documenso sends email only for the following purposes:

  • Account verification — confirming your email address when you sign up or change it
  • Password reset — a link to reset your password that you requested
  • Document invitations — notifying you that a document has been shared with you to sign, approve, or view
  • Signing reminders — follow-up reminders for pending document actions
  • Completed document notifications — confirmation that all parties have signed a document
  • Team invitations — inviting you to join an organisation or team

What Documenso Will Never Do

  • Ask for your password via email
  • Send you an attachment and ask you to open it to verify your identity
  • Ask you to confirm payment details or billing information over email
  • Send unsolicited marketing emails if you have not opted in

How to Tell If an Email Is Legitimate

  1. Check the sender address — the domain must be documenso.com or documensomail.com
  2. Look at the link destination — hover over any link before clicking; it should point to app.documenso.com
  3. Watch for urgency or threats — legitimate Documenso emails do not threaten account suspension to pressure you into clicking a link immediately
  4. Verify the action yourself — if in doubt, log in to app.documenso.com directly (not via the email link) and check whether the document or notification exists there

Report a Suspicious Email

If you receive an email that appears to impersonate Documenso:

  1. Do not click any links or download any attachments
  2. Forward the email as an attachment to support@documenso.com
  3. Delete the email from your inbox

You can also report phishing emails directly to your email provider using their built-in reporting tools.

Security

Security practices for Documenso Cloud and self-hosted deployments, along with our vulnerability disclosure process.

Support

Support channels and options available depending on your needs and subscription level.

On this page

Check the Sender DomainTypes of Email Documenso SendsWhat Documenso Will Never DoHow to Tell If an Email Is LegitimateReport a Suspicious EmailRelated