GreenRope Blog

Title search:

Copy of Getting Started with GreenRope Series_ Setting Up Your Account for Success.png

Setting Up SPF, DKIM, and DMARC

Written by Jill Dimel

You can improve your email delivery with simple records in your domain name settings (DNS):  SPF, DKIM, and DMARC. These methods help verify your emails have not been forged. They increase the confidence of your subscribers that your emails are not spam.

Sender Policy Framework (SPF) authorizes which servers are allowed to send emails for your domain. It is a simple email validation system designed to help recipients determine if email is legitimate or spam by making sure the server has permission to send the emails for your domain.

Domain Keys Identified Mail (DKIM) record adds a digital signature to your email to verify the message is authorized by the sending domain. The DKIM check determines if the message was signed and associated with the correct domain and that the content has not been modified.

Domain-based Message Authentication, Reporting & Conformance (DMARC) is a protocol that uses SPF and DKIM to determine the authenticity of an email message. 

SPF, DKIM and DMARC records are added in your DNS settings. DNS settings are typically updated through your domain registrar. If you are not familiar with DNS, you can provide this information to your website admin or network admin to make the updates. 

DNS - SPF

If you already have an SPF record for your domain, you can add "include:_spf.stgi.net" in the record already in your DNS manager. You can add it anywhere before "~all" or "-all".

You can follow these instructions if you have not yet set up an SPF record for your domain. *SPF records should include all mail servers that you use to send emails. In addition to what is listed in the instructions below, you should also include servers for your primary email provider (Google, Outlook, GoDaddy, etc.) and any other providers used to send emails. If you are not sure how to include your mail servers, please contact your network admin or email provider for additional information.

  1. Log into your DNS manager

  2. Select the domain you wish to update

  3. Add TXT record as follows:

    1. In Host field, add: @   

    2. *In Text field, add: v=spf1 include:_spf.stgi.net ~all

  4. Save the record   

DNS - DKIM

Please  follow these instructions to set up a DKIM record for your domain.

  1. Log in to your DNS Manager

  2. Select the domain you wish to update

  3. Add a CNAME record as follows:

    • In Host field, add: kesq._domainkey    

    • In Text field, add: dkim.stgi.net

  4. Save the record   

DNS - DMARC

DMARC is optional, but recommended. You will need to add the following to the DNS for your domain.

  1. Log in to your DNS Manager

  2. Select the domain you wish to update

  3. Add a TXT record as follows:

    • In Host field, add: _dmarc 

    • *In Text field, add: v=DMARC1;p=none;pct=100;rua=mailto:rua@yourdomain.com;ruf=mailto:ruf@yourdomain.com

  4. Save the record

*If your DNS manager does not allow semicolons (";") try putting a back-slash in front of them ("\;").

CUSTOM MTA SETTING 

You can configure a custom MTA in your DNS to update the domain of the sending server so it matches the domain of your ‘From’ address. It is important for you to set up a custom MTA in your GreenRope Account when using DMARC authentication. 

To configure your custom MTA, you will need to create a CNAME in your DNS manager. We recommend creating a unique subdomain of your ‘From’ domain. This setting is custom for your sending domain and account on our system. The text needed for your CNAME record can be found by logging in to your GreenRope account and following these instructions: 

  1. Log in to your GreenRope account

  2. Navigate to Communicate > Email tab   

  3. Click MTA (to the right of the ‘from’ address field)

  4. In the ‘New MTA’ field, type the custom domain with the sub-domain the text field. For example, ‘mta.domain.com’ and click ‘Add’

  5. After the page refreshes, click the “setup” button below the mta name to obtain the text needed to set up the CNAME record 

  6. Login to your DNS manager to create a CNAME record in your DNS manager using the text provided in the Custom MTA Configuration window

There will be a green checkmark beside the mta name in the Custom MTA window in your GreenRope account when the setup up is verified.  

                                       

Share: https://www.greenrope.com/blog/Blog479/Setting-Up-SPF-DKIM-and-DMARC

Modern Postcard