Before you begin
These settings must be configured through your domain provider, not within Upfluence.
DKIM and DMARC authentication are required by Gmail and Yahoo to improve email security, prevent spam, and verify that senders own the domain they are sending emails from. We highly recommend setting up these protocols to ensure your emails are successfully delivered.
📌 Check with your IT team before making any changes to ensure these settings haven’t already been implemented. These configurations are required for businesses sending bulk emails through third-party tools (e.g., cold outreach, SDR emails).
Why do you need DMARC, SPF and DKIM?
Email authentication enhances security, prevents phishing, and protects your domain from being spoofed. Here’s how each protocol helps:
DKIM (DomainKeys Identified Mail): Ensures your emails remain unaltered during transit.
SPF (Sender Policy Framework): Verifies which mail servers can send emails on behalf of your domain.
DMARC (Domain-based Message Authentication, Reporting & Conformance): Prevents unauthorized use of your domain and improves email deliverability.
After setting up DKIM, use an email header analysis tool to validate your keys.
How to set up email authentication (for Gmail users)
1. Setting up DKIM
Log in to Google Admin Console.
In the Admin console, go to Menu ➡ Apps ➡ Google Workspace ➡ Gmail.
Generate a DKIM Key.
Create a DNS TXT Record using the generated DKIM key within your domain provider’s settings (e.g., GoDaddy, Squarespace, Namecheap).
Authenticate the DKIM key in Google Admin.
📖 Google tutorial: Set up DKIM
2. Setting up SPF
Log in to your domain provider’s account (e.g., GoDaddy, Squarespace, Namecheap).
Navigate to DNS settings (this may be called "DNS Management," "Name Server Management," or "Advanced Settings").
Check your existing TXT records to see if an SPF record already exists (it will start with
v=spf1
).If an SPF record already exists, consult your IT team. Instead of deleting it, add Google to the existing record.
If no SPF record exists, create a new TXT record with the following details:
Name/Host/Alias:
@
or leave blank
TTL:3600
(or default)
Value:v=spf1 include:_spf.google.com ~all
(Only if Google is your emailprovider!)The record shall look similar to the example below
v=spf1 include:_spf.google.com include:_spf.salesforce.com ~all
3. Setting up DMARC
Log in to your domain provider’s DNS settings.
Create a new TXT record with the following details:
Host Name:
_dmarc
Value (with email reporting):
v=DMARC1; p=none; rua=mailto:your-email@example.com;
Alternative (with stricter enforcement):
v=DMARC1; p=quarantine; rua=mailto:your-email@example.com; pct=90; sp=none
If you do not want email reports, use:
v=DMARC1; p=quarantine; pct=90; sp=none
🚨 Important: If this is your first time setting up DMARC, start with p=none
to monitor activity before enforcing stricter policies. Discuss with your IT team before making adjustments.
4. Final step: Verify your settings
Ensure all email addresses in the setup are valid and belong to your organization.
Use an email authentication testing tool to check DKIM, SPF, and DMARC settings.