How to Improve Email Deliverability with SPF and DKIM

mceclip2.pngDownload Instructions as PDF

Introduction

When campaign emails are sent from DemandCenter, the emails will originate from eTrigue's servers, but your recipients will see the FROM address displayed as coming from a sender from your domain.

Since the originating source is coming from eTrigue, but the actual sender (the "from") appears to be from your own domain, recipient mail servers may find that suspicious. This perceived suspicious behavior is due to the fact that email spammers can forge the "From" address on emails so that the spam appears to come from a user in your domain.

To help prevent this type of abuse, eTrigue recommends that users implement DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF). These two mechanisms make the forging of emails much more difficult for spammers and improves the deliverability of your emails.


Jump to SPF Setup.
Jump to DKIM Setup.

 

 

How does DKIM and SPF help my deliverability?

DKIM and SPF are industry standards that deal with email authenticity. Major ISPs and many corporate spam/security filters perform DKIM and SPF checks by default, so establishing DKIM and SPF records in your domain's DNS records will allow you to pass these common checks.

DKIM and SPF is established through Domain Name System (DNS) records and is important to setup for a number of reasons, including:

  • If you do not have DKIM and/or SPF in place, it will make it tougher for your emails to reach your audiences because they may be marked as spam by corporate spam filters or personal junk folders.

  • Recipient mail servers can verify the sender of an email.

  • Confidence is increased everywhere. Recipients will know that their emails is from a legitimate source and not a spammer. Other organizations will know that you took the time to configure these widely industry standards.

  • Messages that pass this DKIM and SPF checks will have a higher deliverability probability than messages without DKIM and SPF, as they build "Trust" between the sending and receiving domains.

  • The "FROM" lines for your emails will look cleaner.

    Domains that do not have DKIM or SPF may experience "FROM" lines that display "From person A via person B" or "From Person C sending on behalf of person D".

 

Steps and Instructions to Implement SPF/DKIM

Configuring SPF

Update your domain's SPF record by inserting the following string before your "all" statement:

include:etrgmail.com


For example only, let's pretend that an organization has an existing SPF record that looks like below:

v=spf1 mx ip4:67.108.8.192/26 ~all

The modified SPF record using the "include" mechanism would look like this:

v=spf1 mx ip4:67.108.8.192/26 include:etrgmail.com ~all

 

Alternatively, if your organization prefers to list IP addresses explicitly in their SPF records, use this:

ip4:199.187.168.0/22

That modified SPF record using the "ip4" mechanism would look like this:

v=spf1 mx ip4:67.108.8.192/26 ip4:199.187.168.0/22 ~all

 

Configuring DKIM

The implementation of DKIM is may vary for each organization. To determine the best setup, contact success@etrigue.com (subject line: "DKIM Setup Request") for next steps and instructions.

 

How to Verify Your SPF/DKIM

Verifying SPF

Use one of OpenSPF's referenced validator tools.

Enter your domain and verify that your SPF record includes eTrigue's designated IP addresses. If you need the IP addresses for your DemandCenter account, please contact the eTrigue Customer Success Team.

 

Verifying DKIM

DKIMCore provides a quick tool to see if your DNS entries for DKIM are valid.

Enter etrigue as the Selector and provide your domain in the Domain name field.

 

Frequently Asked Questions

Will DKIM and SPF negatively affect corporate emails sent directly from my company's servers?

DKIM does not affect your corporate email delivery. By setting up DKIM, you are basically letting the outside world know that eTrigue's IP addresses are allowed to send emails on your behalf.

SPF may affect your corporate email delivery only if your organization does not set up proper SPF entries. Many times, we see that organizations forget to list all possible entities that may send emails on their domains' behalf.

When configuring your SPF entries, be sure to include ALL entities that are allowed to send emails on behalf your domain, including your own mail servers and any other indirect parties that will be sending emails on your behalf.


I already have an SPF entry. Should I create a new entry for eTrigue?

We do not recommend creating an additional SPF record. In fact, OpenSPF recommends that organizations combine multiple SPF entries into a single entry.


For example, let's pretend that an organization has three SPF entries as shown below:

v=spf1 mx ip4:67.108.8.192/26 ~all
v=spf1 include:_spf1.mycompany.com ~all
v=spf1 include:_spf2.mycompany.com ~all


A single combined SPF entry would look like this:

v=spf1 mx ip4:67.108.8.192/26 include:_spf1.mycompany.com include:_spf2.mycompany.com ~all