💡 Salesbooster Tip: By configuring your DKIM, SPF, and DMARC records, you can enhance the likelihood of your emails landing in the primary tab of your recipients' inbox. These records authenticate your emails and prevent them from being marked as spam or phishing attempts, ensuring that they are delivered to the intended recipients. Implementing these records is crucial for successful email marketing and outreach, as it helps to establish trust and credibility with your audience. With DKIM, SPF, and DMARC in place, you can boost the effectiveness of your email campaigns and improve your overall email deliverability.

What are DKIM, SPF, and DMARC, and what do they signify?

DKIM (DomainKeys Identified Mail)

DKIM is an email authentication protocol that enables email recipients to verify the authenticity of the email messages they receive.

DKIM works by adding a digital signature to the header of an email message, which verifies that the message was sent from an authorized mail server and has not been tampered with during transmission. When an email message arrives at the recipient's email server, the recipient's email server checks the DKIM signature to determine whether the message is authentic. By implementing DKIM, domain owners can improve their email deliverability and protect their domain reputation by ensuring that their email messages are not marked as spam or phishing attempts.

Sender Policy Framework (SPF)

SPF is a DNS-based email authentication protocol that helps prevent email spoofing and phishing attacks.

SPF works by publishing DNS records that identify the authorized mail servers for a domain. When an email is sent from a domain, the recipient's email server performs an SPF check by querying the DNS records of the sender's domain. The SPF record contains a list of authorized mail servers for the domain. The email server then verifies whether the IP address that sent the email matches one of the authorized mail servers listed in the SPF record. By publishing an SPF record, domain owners can prevent email spoofing and phishing attacks, protect their domain reputation, and ensure the integrity and authenticity of their email communication.

DMARC (Domain-based Message Authentication, Reporting and Conformance)

DMARC is an email authentication protocol that builds on the SPF and DKIM protocols. DMARC provides an additional layer of protection against email spoofing and phishing attacks by allowing domain owners to instruct email recipients on how to handle unauthenticated emails. DMARC enables domain owners to receive detailed reports on email authentication results, which helps them monitor and improve their email deliverability. By implementing DMARC, domain owners can enhance their email security and ensure that their email messages are delivered to the intended recipients.

Why do you need to set DMARC, SPF and DKIM?

Implementing DMARC, SPF, and DKIM is essential for ensuring the integrity and authenticity of your email communication. These email authentication protocols work together to prevent email spoofing and phishing attacks, protect your domain reputation, and improve your email deliverability.

By setting up SPF, you can verify that the sender of an email message is authorized to send emails from a specific domain, preventing unauthorized senders from using your domain for spam or phishing purposes. DKIM adds an extra layer of security by adding a digital signature to the header of an email message, verifying that the message was sent from an authorized mail server and has not been tampered with during transmission.

DMARC provides additional protection by instructing email recipients on how to handle unauthenticated emails and providing detailed reports on email authentication results. DMARC enables domain owners to monitor and improve their email deliverability, ensuring that their email messages are delivered to the intended recipients and not marked as spam or phishing attempts.

In summary, implementing DMARC, SPF, and DKIM is essential for protecting your email communication and reputation. By using these email authentication protocols, you can prevent email spoofing and phishing attacks, enhance your email security, and improve your overall email deliverability.

How to set them?

⚠️ Please be aware that the examples provided below are applicable only if you are using Google as your domain and mail provider. Therefore, it is recommended that you do not copy and paste the values without consulting your own provider first. Most providers have their own FAQs on this topic, which you should refer to before making any changes to your DNS settings.

DKIM

1. Log in to Google Admin: admin.google.com
2. In the Admin console, go to Menu>Apps > Google Workspace > Gmail.
3. Generate a DKIM Key.
4. Create a DNS TXT Record with the DKIM key generated in the previous step.
5. NOTE: To accomplish this task, you must visit your domain provider, such as GoDaddy, Squarespace, Namecheap, or another service.
6. After creating the DNS TXT record in your domain with the DKIM Key, you can start Authenticating.

Google guide: https://support.google.com/a/answer/180504?hl=en

SPF

1. Log in to your domain account on your domain host's website, such as GoDaddy, Squarespace, Namecheap, or another provider. Do not use your Google Admin Console.
3. Navigate to the page where you can update your domain's DNS records. This may be called DNS Management, Name Server Management, or Advanced Settings.
5. Locate your TXT records and confirm whether your domain already has an existing SPF record. The SPF record should start with
6. "v=spf1…".
7. If your domain already has an SPF record, it's advisable to consult your IT department or provider before making any changes. Keep in mind that each domain can only have one SPF record, so deleting an existing record may cause issues with other tools you're using.
9. Instead of deleting the existing SPF record, you should modify it to include additional providers. For example, if your current SPF record includes Leadspicker
10. v=spf1 include:_spf.leadspicker.com ~all , and Google is your email provider, you may want to add Google to the existing record.
12. To modify the existing record, you could update it to look like this:

⌨️ v=spf1 include:_spf.google.com include:_spf.leadspicker.com ~all

   5. Create a new TXT record with the following values:

• Name/Host/Alias: Enter "@" or leave it blank.
• Time to Live (TTL): Enter "3600" or keep the default setting.
• Value/Answer/Destination: Enter "v=spf1 include:_spf.google.com ~all".

⚠️ Please note that the example value provided above is only valid if Google is your email provider. If your email provider is different, it is crucial to confirm the correct value with your email provider, as we cannot verify it on our end.

Please keep in mind that it may take up to 72 hours for the changes to take effect.

Google guide: https://support.google.com/a/answer/180504?hl=en

DMARC

1. Visit your domain administrator's website and locate DNS Management or Settings.
2. Add the following TXT record to your DNS:
3. Host Name: _dmarc
4. VALUE (with email): v=DMARC1; p=quarantine; rua=mailto:example@example.com; pct=90; sp=none

Google guide: https://support.google.com/a/answer/180504?hl=en

If you have any question feel free to reach out our support - support@leadspicker.com