Table of Contents:
Table of Contents minLevel 2
Introduction
Authentication is the method to verify that the email messages you are sending are from your business and are trusted. Authentication allows other participants like ISPs, message transfer agents (MTA), mail delivery agents (MDA), and mail user agents (MUA) to verify that an email attributed to you as a sender has been sent by you before they transfer or deliver it. There are three main types of email authentication protocols as listed below.
- SPF
- DKIM
- DMARC
About SPF
The SPF is a TXT type record you get from your ESP and put in your DNS that specifies what servers may send emails on behalf of your domain.
...
To the ESPs that are asking for MX records, you can use info@subdomain.domain.com in the from address so that the reply comes to the actual inbox. The reason for setting this up is you do not face any dns overlap issues. Another reason is setting up an inbox to receive the reply address.
About DKIM
DKIM authentication seals the content of your email using a cryptographic lock referred to as a “DKIM signature.” Adding this encrypted lock to emails’ headers prevents the email from being opened by anyone who doesn’t have the corresponding key.
For detailed steps about the Domain Keys Identified Mail, visit our Ongage Blog Post: Email Authentication Protocols: What are They and Why Are They Important?
About DMARC
The Domain Message Authentication Reporting and Conformance protocol enables you to share authentication instructions with other mail agents and receive reports identifying unauthenticated emails being sent in your domain’s name.
For more about DMARC and how to implement, visit our Ongage Blog Post: Email Authentication Protocols: What are They and Why Are They Important?
Article Explaining DMARC Overview
Image from dmarc.org
How to Set Up Protocols
As Ongage is a front-end platform connecting to back-end email delivery vendors, who do the actual sending of the emails. DKIM and SPF are not set up in Ongage. Rather you need to go to your Email delivery vendor (e.g., Dyn, SparkPost, Mailgun, Amazon SES, etc.) and get the keys from them to put in your DNS. Typically those vendors have either clear instructions on how to do that, or can help you set up those.
...
To have a detailed view of the TXT type DNS records you can visit our blog post about Email Authentication Protocols: What are They and Why are They Important?
About DNS Services
Following are links to a variety of leading DNS services
- Bluehost: General DNS Setup
- CloudFlare: General DNS help
- DynDNS: General DNS setup
- HostGator: General DNS setup
- Hover: General DNS setup
- Network Solutions: General DNS setup
- Rackspace Cloud DNS: General DNS setup
Check DNS Verification & Propagation of your Sending Domains
Following is a great tool to check your DNS record propagation status once the record is configured for respective domains.
Appendix
Resources for setting up SPF and DKIM
- Amazon SES: DKIM, SPF
- GoDaddy: SPF and DKIM
- Dreamhost: SPF, DKIM
- Namecheap: SPF, DKIM
- United Domains: DKIM and SPF (in German)
Articles about Email Authentication: SPF, DKIM, DMARC and BIMI
- Email Authentication Protocols: What Are They and Why Are They Important? (Ongage Blog: September 2020)
- 3 DNS Records Every Marketer Must Know (March 2017)
- Why DMARC Matters for Email Marketing (April 2017)
- What marketers need to know about DMARC (July 2016)