Title search: ✖
Setting Up SPF, DKIM, and DMARC
Written by Jill Dimel
You can improve your email delivery with simple records in your domain name settings (DNS): SPF, DKIM, and DMARC. These methods help verify your emails have not been forged. They increase the confidence of your subscribers that your emails are not spam.
Sender Policy Framework (SPF) authorizes which servers are allowed to send emails for your domain. It is a simple email validation system designed to help recipients determine if email is legitimate or spam by making sure the server has permission to send the emails for your domain.
Domain Keys Identified Mail (DKIM) record adds a digital signature to your email to verify the message is authorized by the sending domain. The DKIM check determines if the message was signed and associated with the correct domain and that the content has not been modified.
Domain-based Message Authentication, Reporting & Conformance (DMARC) is a protocol that uses SPF and DKIM to determine the authenticity of an email message.
SPF, DKIM and DMARC records are added in your DNS settings. DNS settings are typically updated through your domain registrar. If you are not familiar with DNS, you can provide this information to your website admin or network admin to make the updates.
DNS - SPF
If you already have an SPF record for your domain, you can add "include:_spf.stgi.net" in the record already in your DNS manager. You can add it anywhere before "~all" or "-all".
You can follow these instructions if you have not yet set up an SPF record for your domain. *SPF records should include all mail servers that you use to send emails. In addition to what is listed in the instructions below, you should also include servers for your primary email provider (Google, Outlook, GoDaddy, etc.) and any other providers used to send emails. If you are not sure how to include your mail servers, please contact your network admin or email provider for additional information.
DNS - DKIM
Please follow these instructions to set up a DKIM record for your domain.
DNS - DMARC
DMARC is optional, but recommended. You will need to add the following to the DNS for your domain.
*If your DNS manager does not allow semicolons (";") try putting a back-slash in front of them ("\;").
CUSTOM MTA SETTING
You can configure a custom MTA in your DNS to update the domain of the sending server so it matches the domain of your ‘From’ address. It is important for you to set up a custom MTA in your GreenRope Account when using DMARC authentication.
To configure your custom MTA, you will need to create a CNAME in your DNS manager. We recommend creating a unique subdomain of your ‘From’ domain. This setting is custom for your sending domain and account on our system. The text needed for your CNAME record can be found by logging in to your GreenRope account and following these instructions:
There will be a green checkmark beside the mta name in the Custom MTA window in your GreenRope account when the setup up is verified.