How to Improve Email Deliverability with SPF and DKIM

mceclip2.pngDownload Instructions as PDF

Introduction

When campaign emails are sent from DemandCenter, the emails will originate from eTrigue's servers, but your recipients will see the FROM address displayed as coming from a sender from your domain.

Since the originating source is coming from eTrigue, but the actual sender (the "from") appears to be from your own domain, recipient mail servers may find that suspicious. This perceived suspicious behavior is due to the fact that email spammers can forge the "From" address on emails so that the spam appears to come from a user in your domain.

To help prevent this type of abuse, eTrigue recommends that users implement DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF). These two mechanisms make the forging of emails much more difficult for spammers and improves the deliverability of your emails.

 

How does DKIM and SPF help my deliverability?

DKIM and SPF are industry standards that deal with email authenticity. Major ISPs and many corporate spam/security filters perform DKIM and SPF checks by default, so establishing DKIM and SPF records in your domain's DNS records will allow you to pass these common checks.

DKIM and SPF is established through Domain Name System (DNS) records and is important to setup for a number of reasons, including:

  • If you do not have DKIM and/or SPF in place, it will make it tougher for your emails to reach your audiences because they may be marked as spam by corporate spam filters or personal junk folders.

  • Recipient mail servers can verify the sender of an email.

  • Confidence is increased everywhere. Recipients will know that their emails is from a legitimate source and not a spammer. Other organizations will know that you took the time to configure these widely industry standards.

  • Messages that pass this DKIM and SPF checks will have a higher deliverability probability than messages without DKIM and SPF, as they build "Trust" between the sending and receiving domains.

  • The "FROM" lines for your emails will look normal. Domains that do not have DKIM or SPF may experience goofy "FROM" lines that display "From person A via person B" or "From Person C sending on behalf of person D".

 

How to Setup

Configuring SPF

Add the following to your existing SPF record before the "all" statement:

include:etrgmail.com


For example, if your existing SPF record looks like this:

v=spf1 mx ip4:67.108.8.192/26 ~all

...then the updated SPF record to include eTrigue would look like this:

v=spf1 mx ip4:67.108.8.192/26 include:etrgmail.com ~all

 

Configuring DKIM

The implementation of DKIM is may vary for each organization. To determine the best setup, contact success@etrigue.com (subject line: "DKIM Setup Request") for next steps and instructions.

 

How to Check that DKIM and SPF Are Configured

Verifying SPF

Use one of OpenSPF's referenced validator tools.

Enter your domain and verify that your SPF record includes eTrigue's designated IP addresses. If you need the IP addresses for your DemandCenter account, please contact the eTrigue Customer Success Team.

Verifying DKIM

DKIMCore provides a quick tool to see if your DNS entries for DKIM are valid.

Enter etrigue-01 as the Selector and provide your domain in the Domain name field.

 

Frequently Asked Questions

Will DKIM and SPF negatively affect corporate emails sent directly from my company's servers?

DKIM does not affect your corporate email delivery. By setting up DKIM, you are basically letting the outside world know that eTrigue's IP addresses are allowed to send emails on your behalf.

SPF may affect your corporate email delivery only if your organization does not set up proper SPF entries. Many times, we see that organizations forget to list all possible entities that may send emails on their domains' behalf.

When configuring your SPF entries, be sure to include ALL entities that are allowed to send emails on behalf your domain, including your own mail servers and any other indirect parties that will be sending emails on your behalf.


I already have an SPF entry. Should I create a new entry for eTrigue?

We do not recommend creating an additional SPF record. In fact, OpenSPF recommends that organizations combine multiple SPF entries into a single entry.

For example, if an organization had three SPF entries...

v=spf1 mx ip4:67.108.8.192/26 ~all
v=spf1 include:_spf.etrigue1.com ~all
v=spf1 include:_spf.etrigue2.com ~all



...then a combined SPF entry would look something like this:

v=spf1 mx ip4:67.108.8.192/26 include:_spf.etrigue1.com include:_spf.etrigue2.com ~all