How to enable DKIM, SPF and DMARC?
One of the most important practices to improve the deliverability of your Transactional Emails is the DKIM & SPF Configuration. This way your business domain or service will be the one who include the signature in the email sendings and this will improve your email reputation
What is the DKIM?
DKIM is an email authentication system that improves the security of your Emails and fights against fraudulent messages and phishing. In short, Doppler Relay lets you activate your DKIM to decrease the chances that your emails are considered Spam.
How can I configure my DKIM?
Step One: Create the new Domain Name
The first thing you need to do is get into your Doppler Relay account and go to Account Settings (located on the right side of the navigation bar) and select the Domain Manager option.
Once there, you have to click on the button called “Add Domain” and then you’ll see the option to write the new Domain, then click the button next to it and the new domain will be successfully added to your list.
Now is time to authenticate your Domain, for that you will need your DKIM Selector and your DKIM Public Key. You can find them on the list below by clicking on the configuration icon.
You’ll be redirected to a new page with all the information you need:
- DKIM Selector
- DKIM Public Key
- SPF Field
Second step: Get into your Hosting Provider.
Now it is time to access the administrator console from your hosting provider. Once there, look for the section that allows you to modify the DNS records.
Third step: Create TXT archive
Create a TXT record with the name and value that appear in the administrator console. Hosting providers use different names for the fields associated with a TXT record.
For example, GoDaddy includes fields with the name TXT Name and TXT Value, while Name.com has the same fields with the names Record Host and Record Answer.
Regardless of which provider you use, enter the text under DNS Host name (TXT record name) into the first field and the text under TXT record value into the second field.
Once you’ve done these steps, after a while Doppler Relay will show that your DKIM is validated.
Although this process works on most Email clients, some like Outlook, they can still display the authentication information even after activate your custom DKIM. This is something that only happens to these providers and that at the moment can’t be modified.
What is SPF?
Sender Policy Framework (SPF) is an email authentication standard designed to detect email spoofing by providing a mechanism to allow receiving email exchangers to check that incoming email from a domain comes from a host authorized by that domain’s administrators.
How to add SPF?
Here is an example of how the registry should be to use Doppler Relay´s SPF. It is recommended that the record be of type TXT and not SPF.
Name Value TTL yoursite.com v=spf1 include:spf.fromdoppler.com ~all Default Value
Make sure that:
- In the SPF record, you include the values of the ESP or ISP that you use.
- Some DNS providers may require that the value be enclosed in quotation marks, thus: “v = spf1 include: spf.fromdoppler.com ~ all”
- You can’t create more than one TXT record for SPF. However, you can create multiple values in the same record by writing the word include. Let’s see below how it should look if you had to add an SPF record on the same line.
|v=spf1 include:spf.mydomain.com v=spf1 include:spf.fromdoppler.com ~all
What is DMARC?
DMARC (Domain-based Message Authentication, Reporting & Conformance) is a system by which the receiving email server can determine how to handle emails that fail the SPF and DKIM check.
The system works this way:
- Upon receiving an Email, the destination server queries the DNS of the Sender’s domain to obtain the DMARC record and determine what to do with the received email.
- Using this record, the Sender domain can set the DMARC policy differently, such as instructing the mail server to quarantine, reject, or deliver them.
- These policies may also include instructions for sending reports to domain administrators about emails that pass and fail checks.
How to add DMARC?
Use the data found in the DMARC section within the “Domain Manager” of Doppler Relay, accessed by clicking on the Settings Icon.
Go to the DNS zone configuration section of your domain provider and create a TXT record with the name and value indicated on the screen.
That’s all; remember that it is essential to complete the configuration so that DKIM, SPF, and DMARC are correctly activated.