Implementing DKIM, SPF, and DMARC configurations is vital for safeguarding your reputation and enhancing email deliverability, thereby increasing the likelihood of receiving responses when reaching out to creators.
Before delving into the details, it's important to understand that DKIM, SPF, and DMARC records are integral components found in your DNS settings within your domain provider (e.g., GoDaddy, SquareSpace, Namecheap, etc.). It's essential to note that these settings are managed on your domain provider's end, not by Upfluence.
Before doing these modifications, please, contact your IT department to make sure it has already been done. It's a requirement that apply to all companies that are bulk sending emails with third-party tools (cold mailing, SDR emails, etc.).
Why do you need DMARC, SPF and DKIM?
Phishing and email spam pose significant risks for hackers to infiltrate networks. Clicking on a malicious email attachment by a single user can jeopardize an entire enterprise with ransomware, data leaks, or privilege escalation exploits. It's less known why enterprises require protocols like DKIM, DMARC, and SPF to secure their email infrastructures. These protocols complement each other, and most businesses likely require all three. Instructions for implementing DKIM are available for Google and cPanel users, including guidance on generating domain keys and configuring DNS records. Validate the DKIM keys in your email headers using an online tool after implementation.
How to set them up?
This tutorial has been made for Gmail users only.
DKIM
Log in to Google Admin: admin.google.com
In the Admin console, go to Menu ➡️ Apps ➡️ Google Workspace ➡️ Gmail.
Generate a DKIM Key.
Create a DNS TXT Record with the DKIM key generated in the previous step.
For this, you will need to go to your domain provider. e.g. GoDaddy, Squarespace, Namecheap, etc.
After creating the DNS TXT record in your domain with the DKIM Key, you can start Authenticating.
Google tutorial: https://support.google.com/a/answer/180504?hl=en
SPF
Sign in to your domain account on your domain host's site (not your Google Admin Console). This can be GoDaddy, Squarespace, Namecheap, etc.
Go to the page for updating your domain’s DNS records. DNS Management, Name Server Management, or Advanced Settings.
Find your TXT records and check if your domain has an existing SPF record. The SPF record starts with “v=spf1…”.
If your domain already has an SPF record, please check with your IT and/or provider.
One domain cannot have more than 1 SPF record. So deleting the one that is already there is not always the best choice since it might cause issues with other tools you're using. Instead, you want to include more providers to your existing SPF.
Example
Let's say that you already have an SPF that is including Salesforce at the moment.
It looks like this: v=spf1 include:_spf.salesforce.com ~allNow what you want to do is also to include google in this SPF since Google is your email provider.
You want to modify the existing SPF so it now looks like this:
v=spf1 include:_spf.google.com include:_spf.salesforce.com ~all
Create a TXT record with these values:
Name/Host/Alias - Enter @ or leave blank
Other DNS records for your domain might indicate the correct entry.
Time to Live (TTL) - Enter 3600 or leave the default.
Value/Answer/Destination - Enter v=spf1 include:_spf.google.com ~all
Again, careful, the example of value above will work only if Google is your email provider.
If your email provider is not Google, please double-check with your email provider what is the correct value to use, we cannot confirm on our end.
This can take up to 72 hours to take effect.
Google tutorial: https://support.google.com/a/answer/10685031?hl=en
DMARC
Go to your domain administrator’s site. Find DNS Management or Settings.
Add this TXT record to your DNS:
Host Name: _dmarc
VALUE (with email): Minimum VALUE is: v=DMARC1; p=none; rua=mailto:example@example.com;
OR v=DMARC1; p=quarantine; rua=mailto:example@example.com; pct=90; sp=none
OR VALUE (without email): v=DMARC1; p=quarantine; pct=90; sp=none
IMPORTANT
If you do not currently have a DMARC policy in place, we suggest starting with p=none
VALUE (with email): Minimum VALUE is: v=DMARC1; p=none; rua=mailto:example@example.com;
However, your DMARC policy has been set for a number of months, and you have had the chance to review who is sending email under your brand name and determine which of those are legitimate—and which are not. In this case, p=quarantine might be good for you.
VALUE: v=DMARC1; p=quarantine; rua=mailto:example@example.com; pct=90; sp=none
OR
VALUE: v=DMARC1; p=quarantine; pct=90; sp=none
Please, discuss it with your IT department.
Please always replace our example emails by one that actually exists and belongs to you.
The email version will send reports to whatever email you put in there.
Google tutorial: https://support.google.com/a/answer/2466563?hl=en