You need to read this, ignoring this will cost your business without you knowing about it. Now these acronyms they don’t sound familiar and even if they do, it seems super boring, but take it from my experience, they are more important than they seem to be.
You might have in mind that what on earth is SPF and DKIM and what makes them so important?
First, let me introduce you to SPF.
SPF or Sender Policy Framework is a way of authenticating email, confirming the identity of the sender to prevent the receiver from frauds and spams. Your SPF record hold the lists of your IP addresses and host names, this list then goes into the DNS record and added to the DNS zone. All of it is simple than it sounds.
How does SPF works?
SPF or Sender Policy Framework authenticate the sender of the email by tallying out the IP address and/or Host name from the list it holds.It does so to protect recipients from frauds.
The recipient uses address of the mail (the Return-Path header) to confirm whether the IP address is allowed to send the mail, now if you have SPF, access will be granted and the mail will successfully be displayed to the receiver but in case you do not have SPF, the mail will be marked as suspicious or in some cases even rejected by the receiver.
How to know whether you have SPF established on your domain?
You can check if SPF is functional on you domain using tools such as:
All you need to do is Open either of the toolbox > Enter your domain name.
Performing some tests, it’ll tell you if SPF is established on your domain or not, if established then what your current SPF record is.
as you can see below, i have established SPF for G Suite (business email) and Mailierlite (email marketing) services.
How to set SPF on your domain?
After knowing your SPF record, you have to make sure that all the domains which send out emails on your behalf should be added to your SPF record list. For this all you need to do is:
- Go to SPF checker
- Enter your domain address
- Validate your DNS.
So let’s come to the limitations of SPF.
SPF is a great technique to authenticate your emails, but it has its own set of limitations like:
- SPF lacks in validating the “from header” of the mail, it shows the header filled in by the sender with no verification.
- SPF cannot work when the mail is forwarded because now the forwarder becomes the new sender and it cannot verify whether the initial sender was authentic.
Now let’s get introduced to DKIM.
DKIM or Domain Key Identified Mail is very similar to SPF and serve the same reason, to avoid receiving fraud mails from unreliable sources. It is an authentication system which verifies whether the sender of the mail is legitimate email user to avoid forgery.
DKIM works on encrypting and decrypting, a digital signature attached to the header of the mail. To make this work, every domain has 2 keys. A private key unique to the domain and a public key, it is added to the DNS records using DKIM standards; it enables the receiver server to retrieve and decrypt the hidden signature from the header of the message received.
How DKIM works?
It attaches a digital signature to the header of outgoing mails which unique for every domain. Upon receiving the mail, the server checks the header against a public key stored in the sending server’s DNS record to confirm the authenticity of the sender.
How to activate DKIM on your domain?
cPanel, a popular Linux web server application, allows the administrator to activate DKIM on the mail. For that you have to go on the interface section.
- Authentication and DKIM is activated for all the users.
LIMITATIONS OF DKIM.
- Though DKIM is a simple technique to verify the mails sent from authentic mail, it has its own set of drawbacks.
- For DKIM to work, both the sender and the receiver domain should have DKIM, if either lacks it cannot process authentication. Also, DKIM only works on sender authentication, it does not provide any protection against spams. A DKIM may mean that the message is less likely to be a spam, it has nothing to with the content it holds.
Finally, if you are someone who sends out lots of emails for marketing purpose or customer interaction, then you must keep up the reputation of your domain and if you do not want your domain to be blacklisted and your emails ending up with spams, then you must set up SPF and DKIM records on your DNS server properly.
The setup process may seem way more complicated than it is and setting it up will cause high deliverability of your mails, which further helps your business.