Have you ever sent an email from ‘[email protected]‘ and wondered why it ended up in the recipient’s junk folder? It’s a common problem, but don’t worry, I’ve got some easy-to-follow tips to help keep your emails out of the spam zone. Let’s break it down so that even an 8th grader can understand and implement these steps.
Mastering Email Deliverability, lets break it down
1. SPF (Sender Policy Framework) Record
An SPF record lists the mail servers that are allowed to send email on behalf of your domain. You can use either the IP address or the domain name of your mail server, depending on your preference and the specifics of your email setup.
Using the IP Address
Including the IP address in your SPF record is a direct method and can be more precise, especially if you have a dedicated IP address for your email server. This is particularly useful if you have a static IP address that doesn’t change.
- v=spf1 ip4:123.123.123.123 ~all
Obviously you’ll need to change the IP address above 123.123.123.123 with your actual mail IP address. To get your mail IP address just go to https://mxtoolbox.com and search your domain name, it’ll show you the Hostname “mail.yourdomain.com” and then the IP Address, this is the IP address you need.
Using the Domain Name
Using the domain name of the mail server is a more flexible approach, especially if you’re using a third-party email service where the IP address may change. This method is less maintenance-intensive because you won’t need to update your SPF record if the IP address changes.
- v=spf1 include:mail.yourdomain.com ~all
Just like above, we need to change the mail.yourdomain.com with your actual mail Hostname. To get your mail Hostname just go to https://mxtoolbox.com and search your domain name, it’ll show you the Hostname “mail.yourdomain.com” this is the name you need, most of the time its just mail.YOURDOMAIN.com but always just double check just incase.
2. DKIM (DomainKeys Identified Mail) Record
Adding a DMARC (Domain-based Message Authentication, Reporting, and Conformance) record to your domain is an essential step to enhance your email security. Here’s a simple guide on how to do it:
1. Log in to Your Domain Registrar
Your domain registrar is the service where you registered your website’s name. It might be a site like GoDaddy, Bluehost, Crazy Domains or another provider where you manage your domain settings
2. Access the DNS Settings
Once you’ve logged in, navigate to the section where you can modify your DNS (Domain Name System) settings. This area allows you to control how your domain interacts with the internet, including email settings.
3. Add a New TXT Record
You’re going to add a new record to these DNS settings. Specifically, a TXT (Text) record. Here’s how you set it up:
- HOSTNAME: Enter _dmarc in the hostname field. This specifies that the record is a DMARC record.
- VALUE: Copy and paste this line: v=DMARC1; p=none; rua=mailto:[email protected]
To learn more about the technical information regarding DMARC read this article here.
Setting Up DKIM
Step 1 – Generating a DKIM Key
Use Your Email Service Provider’s Tools: Most modern email service providers (like Google Workspace, Microsoft 365, etc.) offer tools to generate DKIM keys. You’ll typically find this in the email settings section of your admin panel, otherwise you’ll need to manually generate a DKIM key, something like this can help you generate a private key https://tools.socketlabs.com/dkim/generator.
Once you have generated your “public DNS” and “private Key” go to your domain registra (the place your domain is held, ie. Crazy Domain, GoDaddy etc) and go to your DNS settings section.
Add a New TXT Record: The host name is usually in the format _domainkey.yourdomain.com – ensure you replace “yourdomain.com” with your actual domain and the content is your public DNS record you generated above.
Steps to Configure Private Key:
- Access Your SMTP Server: This step depends on how your email infrastructure is set up. If you’re using an email service provider (like Google Workspace, Microsoft 365, etc.), they often handle this part automatically.
- Manual Configuration: If you manage your own SMTP server, you’ll need to configure the server to use the private key you generated above. This process varies depending on the email server software you’re using (e.g., Postfix, Sendmail, Microsoft Exchange). You typically need to place the private key file in a secure location on the server and then configure the mail server software to use this key for signing emails. Most of the time your domain registra can assist with this and should only take them a minute to complete.
- Update Server Settings: The server needs to be told which selector and domain to use for DKIM, and where to find the private key. This is often done through the server’s configuration files.
- Restart the SMTP Service: After updating the settings, you may need to restart your mail service for the changes to take effect.
Frequently Asked Questions
In summary related to the article above, some of the common Frequently Asked Questions are below. If you can’t find your answer, don’t hesitate to Contact us.
SPF (Sender Policy Framework) is a record that specifies which mail servers are allowed to send emails on behalf of your domain, helping to prevent email spoofing.
To set up an SPF record, add a TXT record to your DNS settings with your mail server's IP address or domain name. This tells receiving servers which servers are authorized to send emails from your domain.
DKIM (DomainKeys Identified Mail) adds a digital signature to your emails, verifying that they haven't been altered in transit and confirming the sender's identity.
To add a DKIM record, generate a DKIM key using your email service provider's tools or an online generator. Add the public key to your DNS settings and configure your mail server to use the private key for signing emails.
DMARC (Domain-based Message Authentication, Reporting, and Conformance) helps to prevent email spoofing by aligning SPF and DKIM mechanisms and providing a way to report email delivery issues.