It's critically important, especially with the new Gmail and Yahoo updates in 2024, to authenticate your emails before engaging in any outreach, even if you send emails directly from your mailbox.
Why:
Deliverability: Emails without authentication can be rejected or placed in spam folders. These are mandatory settings enforced by mail providers.
Protection: Email authentication safeguards your emails from spoofing.
Note: Important!
If you are uncertain about how to perform these actions or if you lack access to your hosting website, please contact your IT person or someone who manages your domain.
You can also reach out to your hosting or mail provider support; they will assist you in configuring email authentication settings mentioned below.
What:
Email authentication consists of three parts:
SPF: Should include all mail servers (tools) that send emails on behalf of your domain.
DKIM: A digital signature that signs your emails and helps to verify their authenticity.
DMARC: Instructs the recipient's mail server on what to do with emails that fail SPF and DKIM.
Note: These are domain settings that are propagated across your entire domain, affecting all mailboxes associated with that domain.
Where:
your mail provider support or mail provider support section: contact them to get the correct SPF and DKIM values, since both of these records are specific for each mail provider.
your hosting website -> DNS: here you will add all 3 records. Your hosting website is a place where all your domain settings are located.
Note:
PeopleLinx is not an ESP (email service provider), that's why we do not provide our customers with SPF and DKIM. Those values need to be received from your mail provider.
Step-by-step guide
Step 1: Test your domain.
Firstly, you need to understand if there is anything to be fixed. You need to check your current domain settings.
Some useful tools that can help you:
Mail-tester tool: check the section "You are (not) fully authenticated".
Check out How to improve your Email Deliverability Score article to get Mail-tester report explained.
Step 2: fix your domain.
Note: Use the drop down arrow to expand the details.
SPF record
The correct record should follow several rules:
there should be only 1 record
should not exceed 10 DNS lookups
should contain all mail servers (mail tools) that send emails from your domain
Please, contact your mail or hosting provider support to troubleshoot any issue with SPF record that you may face.
DKIM record
DKIM is provided by your mail service, not by PeopleLinx. It's a pair of digital keys. One is stored at your mail provider's side (you don't see it), the second part is provided to you so that you can add it you DNS.
To get your DKIM and set in to your DNS, please, contact your mail provider. If you use the same mail and hosting provider, they will assist you with both steps.
If your hosting provider is different, you may need to take DKIM from your mail provider first and then ask hosting support for help.
DMARC record
DMARC record instructs mail providers what to do with your emails if they fail SPF / DKIM check.
There are 3 options of DMARC policy:
Policy | Type | Details |
p=none | soft | It instructs mail providers to do nothing with emails that fail authentication. Does not protect you from spoofing. |
p=quarantine | strict | It instructs mail providers to place such emails to spam. Protects you from spoofing. |
p=reject | strict | It instructs mail providers to reject emails that fail authentication. Protects you from spoofing. |
Note:
Important! Please, do not use strict policy unless you are sure you mail authenticated all mail servers that send emails form your domain with SPF and DKIM. If not, your deliverability from unauthenticated servers will be hurt.