Permissions: Admin
Note: Slowly increase sending volumes to also increase chances of your messages being delivers
If your emails are not delivered as expected and are being marked as spam by the recipients’ inbox, you probably don't have SPF, DKIM and DMARC set up properly.
Here's how to set it up correctly.
SPF
SPF, or Sender Policy Framework, is a validation protocol that helps fight spam by validating IP addresses.
SPF allows you to define which servers are allowed to send emails on behalf of your domain.
How to Set Up:
Create an SPF record in the TXT format for your DNS (Domain Name System).
In the record, specify the IP addresses of servers that are permitted to send emails for your domain.
A typical SPF record looks like this: v=spf1 ip4:123.456.78.90 include:_spf.google.com ~all, where 123.456.78.90 is the IP address of your email server, and _spf.google.com is an example of a domain whose emails you also want to authorize.
- How to set up SPF? Just click HERE to learn everything you need.
DKIM
DKIM, or Domain Keys Identified Mail, generates the key that Google Workspace uses to create a signed email header, unique to your domain.
The recipient can verify the source of the email by reading your public key and use it to read your signature.
How to Set Up:
Generate a DKIM key for your domain. This step usually involves working with your email service provider.
Add the DKIM record to your DNS as a TXT record. This record contains the public key used to verify the signature in emails.
Configure your email server or service provider to use your DKIM keys to sign outgoing emails.
- How to set up DKIM? Just click HERE to learn everything you need.
DMARC
DMARC or Domain-based Message Authentication, Reporting and Conformance gives the domain more control over what Gmail does with incoming spam
Purpose: DMARC utilizes SPF and DKIM to verify outgoing emails and provides instructions to recipients on what to do with emails that fail verification.
How to Set Up:
Create a DMARC record as a TXT record in your DNS.
The record should contain your preferences for how emails that fail verification should be treated. For example: v=DMARC1; p=reject; rua=mailto:report@yourdomain.com, which instructs that emails failing verification be rejected and reports about these events be sent to a specified email address.
- How to set up DMARC? Just click HERE to learn everything you need.
It's important to regularly check and update your records to match the current needs and infrastructure of your organization. Monitoring failure reports and adjusting settings as needed to ensure that legitimate emails are not mistakenly marked as spam or fraud is also recommended.