guide
-
About the Email Domain Blacklist -
How to Warm Up an Email Domain -
Sender Email Domain Authentication Settings -
Manage Sender Profile and Email Validation -
How to Delete Contacts and Labels -
SPF, DKIM & DMARC Domain Authentication Guide -
MailChimp Data Migration to MTARGET -
Obtaining Subscriber Email Data -
Email Marketing Glossary -
How to Whitelist MTARGET on Office 365 -
How to make a Birthday Email -
About Shared IP and Dedicated IP -
About Spam Filters -
Guide to Creating Welcome Email with the MTARGET Feature -
How to Import and Add New Contacts -
Soft Bounce and Hard Bounce
SPF, DKIM & DMARC Domain Authentication Guide
There are several steps you must take to set up the authentication of your email sender domain. This step is needed to maintain email deliverability, and your email reputation is in good condition, because these 3 things can affect your delivery if not done immediately. You can read more about the SPF and DKIM here.
In this article you will learn how to configure domain verification so that you can send marketing emails. In general, all steps to configure domain verification are almost the same on multiple server domains.
How to authenticate domains
Here are the steps you need to do:
- Enter the Email Marketing menu, then select ‘Manage Sender’.
- If you have not added the email sender, you can add it first then to do email validation. On the ‘Manage Sender’ page your email sender will appear like this
Click on the DNS Instruction button and this will appear like this
These two records will be copied on your DNS Manager on domain server.
- Open a new tab in your browser, then open the DNS Manager of the domain you are using to start adding SPF, DKIM and DMARC configurations.
Note
Domain providers use a different name for the page where you will update the DNS Record, such as cPanel, Zone Editor, Zone File Settings, Manage Domains, Domain Manager, DNS Manager, and many more. If you want to see the DKIM SPF configuration on another domain server, you can read our documentation here.
CNAME configuration for DKIM
This is an example of CNAME configuration to set DKIM authentication. On some domain servers it might look different like the label name, column etc. Because each DNS provider has different settings.
This is the CNAME configuration for DKIM:
Record type : CNAME Record
Name : `mt1._domainkey.(yourdomain.com)`
Record / Value : dkim.mailtarget.co
TTL : Default
Without parenthesis
Save CNAME configuration.
Note
If DNS Management in your server’s domain cannot add the
dkim.mailtarget.coRecord, contact your domain server because in some domains the old server does not provide the option to provide a Record. So you cannot add thedkim.mailtarget.corecord.
TXT configuration for SPF
Following is an example of the TXT record for SPF that you will add. As mentioned before, some display labels, columns and others may look different but function more or less the same.
This is the TXT configuration for SPF:
Record type : TXT
Name : (yourdomain.com)
Record / Value : v = spf1 include: spf.mailtarget.co? All
TTL : Default
Without parenthesis
Save the TXT configuration.
Note
- In some DNS Managers you might be able to add SPF records directly without having to go through TXT. That’s because there are some DNS Managers that provide SPF records directly, some are just TXT. So, if your DNS Manager only provides TXT records, then you need to add SPF via TXT. If your DNS Manager provides SPF records, then you can add them directly through the SPF records.
- Don’t make more than one TXT for SPF. However, you can add additional records in one configuration.
- In some cases, we need an additional configuration if indeed your domain has an additional configuration, like your domain that uses IPv4, A records and MX records. If you really need to install the configuration, add a record like the following
v = spf1 ip4: xxx.xxx.xxx.xxx + a + mx include: spf.mailtarget.co? allThis is an example of a TXT record for an incorrect SPF:v = spf1 include: spf.mailtarget.co? All include: spf.domainanda.com? AllSo make sure the TXT record is only one line like the example above.
TXT configuration for DMARC
For DMARC configuration, it is not mandatory, because by default it is usually in some domains when you add an email sender. The DMARC status will generally immediately become valid. However, in some domains there needs to be further configuration which causes the DMARC status to be ‘Not Valid’. If the DMARC status that you get is ‘Not Valid’, then you need to add the DMARC configuration.
This is the TXT configuration for DMARC:
Record type: TXT
Name: `_dmarc.(yourdomain.com)`
Record / Value: v = DMARC1; p = none; sp = none; aspf = r; rua = mailto: (email@example.com); ruf = mailto: (email@example.com); rf = afrf; pct = 100; ri = 86400
TTL: Default
Without parenthesis
Note
- Fill email@example.com with the email you have. Not required to be the same as the email in the email sender list in the MTARGET app, because this email will be used as an email to receive delivery reports.
- Make sure that every time you configure a DMARC record, the
pcode must be none likep = none, because in DMARC there are 3 policies. Namely None policy (Email can be sent smoothly and safely), quarantine policy (Email can still be sent but the potential to enter the spam box is also large), reject policy (Email cannot be sent at all). If you enter a configuration record other than none, such as quarantine or reject, it is certain that your e-mail delivery will be interrupted.
Updating Domain Authentication Configuration
If you have previously authenticated a domain with Email Service Provider (ESP), make sure you only use 1 record. So, you only need to add the configuration as added above then delete the domain authentication configuration from ESP that you have previously used. Generally, the addition is only in the record / value column, not the ‘Name’. Because the ‘Name’ contains the domain you are currently using.
Remember, only editing records. No need to add new records to update configuration
FAQ
Q: I feel that I have configured it correctly and successfully but domain verification is still red A: If you feel you have configured it correctly, but domain verification is still red, you don’t need to panic. Wait for about 48 hours because the domain server needs time to recognize the record that you just added.
Q: I have previously used another Email Service Provider (ESP), which means I have configured SPF. Should I make a new TXT record again? A: If you have previously made an SPF setting, then you do not need to add a new TXT record.
Just add include: spf.mailtarget.co to the old Record. For example, you already have the SPF setting v = spf1 include: spf.(yourdomain.com) .co? All, then you only need to change it to add tov = spf1 include: spf.(yourdomain.com) include: spf.mailtarget.co? all without having to add a new Record.
Q: I need an example for SPF & DKIM configuration through another domain server, such as cPanel or Zone Editor A: You can read our documentation for application on another domain server here
Q: How do I check if my record configuration is correct?
A: To check it you can use whatsmydns.net or dnschecker.org to check whether the settings are active.
In the example form, type your domain name.
On the dropdown menu next to it, select CNAME to see the CNAME or TXT status to see the TXT status.
Then click the Search button.
It will appear whether your settings are correct, or not. If you experience difficulties, contact us via Live Chat.
