How to configure SPF and DKIM for email authentication

To authenticate emails, the recipient's server parses the DKIM and SPF records of the sender's domain.

Domain Keys Identified Mail (DKIM) technology is the process of authentication of the sender's domain using a generated digital signature. The method allows the recipient's servers to verify that the message was actually sent from the claimed domain, which improves your email deliverability.

An SPF record defines the list of servers that can send emails on behalf of this domain and process emails that were sent from other servers. By setting up an SPF record, you can reduce the risk of sending spam on behalf of your domain and improve your email deliverability.

In this article, we'll talk about how you can generate records to send emails from SendPulse’s servers to your domain and add it to your domain's DNS settings registrar site.

If you have already set up DKIM and SPF records to authenticate your domain in the SMTP service, you don’t need to set up a DKIM record in the SMTP service.

All services share the same record settings, so you only need to add them to your host provider once. You can skip the first two sections of this article and go to the Check entry status section.

On this page

Generate your DKIM and SPF records

Go to the Email > Service settingsDomain settings. In Sending domain section, click Activate.

Enter the domain name, and click Get SPF and DKIM Records.

The domain name must be in the example.com format without the http protocol or the www prefix.

The service will generate the data you’ll need to add your SPF and DKIM DNS records. Copy the name and value of each entry.

If you use multiple sending domains, don't forget to specify the domain you authenticated in the sender address settings.

To pass spam filters, the domain in the Sending domain setting must match the sender's address domain.

Add an entry to the DNS provider website

You can check where your domain's DNS settings are located using the MxToolbox tool. Follow the link, and enter your domain. Select SOA Lookup or DNS check from the drop-down list, and click the button.

If your registrar does not provide default DNS servers, you can activate this service separately, for example, using cPanel.

In our example, we will use cPanel to add an A record to our site's DNS registrar.

Learn more about how to set up TXT records in cPanel’s documentation.

In the domain control panel, select Zone Editor.

Next to your domain, click Manage.

Click +Add Record.

Adding an SPF Record

To set up an SPF record on the site of your DNS settings provider, you will need to create a TXT record named @ or yourdomain.com with the following value: v=spf1 include:mxsspf.sendpulse.com +a +mx ~all. If you already have an SPF entry, then you need to add the mxsspf.sendpulse.com value to your existing one.

Paste the values ​​in the corresponding fields:

In the Name field, paste the @ record name, and your hosting can add the domain name. For example, for cPanel, it will be yourdomain.com.

In the Type field, select the TXT record type.

In the Record field, paste the record value.

If you are sending emails using multiple third-party servers, you need to add the service value to the same entry, and it will look like this: v=spf1 include:mxsspf.sendpulse.com ip4:XXX.XXX.XXX.XXX include: serverdomain.com +a +mx ~all.

Click Save Record.

Once you add the entry, you need to wait for the activation, which may take up to 24 hours, depending on the work of the hosting.

Adding a DKIM record

To set up a DKIM record on the site of your DNS settings provider, you will need to create a TXT record named sign._domainkey with the following value: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBOj8hLCE2hCc44Y0i4DSsi8OCBe5dRtC699VpyDmtP9tV+2bJMBNJcX8uoqyGdtMjhNcTXzu4kWSgaLq8LRKwMzb8RxevZcje/3dKDzoPdNDffijRW+uiZupBiV6RvMHIy3/Xk0vEqqULXVZgE29mL77F0Ue1uwIDAQAB.

The article only provides an example value. You can find your own DKIM public key value in your account.

Paste the values ​​in the corresponding fields:

In the Name field, paste the sign._domainkey record name, and your hosting can add the domain name. For example, for cPanel, it will be sign._domainkey.yourdomain.com.

In the Type field, select the TXT record type.

In the Record field, paste the record value without quotes.

Click Save Record.

Once you add the entry, you need to wait for the activation, which may take up to 24 hours, depending on the work of the hosting.

Check the entry status

You can check the status of your added entry using MxToolbox or Google Admin Toolbox. Follow the link, and paste your full domain name. For MxToolbox, select SPF Lookup in the drop-down list. For Google Admin Toolbox, select the TXT entry.

You can also check the status of an entry directly in your SendPulse account. Go to the Email > Service Settings Domain settings. In the Sending domain section, click the three dots icon next to your domain, and select Show Settings.

Click Check DNS records.

If you have configured everything correctly and the DNS settings have been updated, next to each record, you will see an icon with a green checkmark, and the connection status will change from Awaiting confirmation to Connected.

Following the example, the TXT record is added to other registrar services.

Read also:

How to add a TXT record to Namecheap

How to add a TXT record to Godaddy

How to add a TXT record to Hostgator

How to add a TXT record to Cloudflare

Last Updated: 13.12.2023

    Rate this article about "How to configure SPF and DKIM for email authentication"

    User Rating: 5 / 5

    Previous

    How to link your email and chatbot subscribers' data

    Next

    How to set up a custom tracking domain

    Popular in Our Blog

    Try SendPulse today for free