SPF and DKIM records.
SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) records.
SPF is a mechanism used to authenticate the source of an email and prevent email spoofing. It’s a type of DNS record that specifies which mail servers are authorized to send email on behalf of a domain. The SPF record is included in the DNS settings for a domain and is used by email receivers to validate the source of an incoming email.
For example, let’s say you own the domain “example.com”. If you want to ensure that email sent from “example.com” is trusted, you’ll need to create an SPF record that lists the mail servers that are authorized to send email from your domain. Here’s what an SPF record for “example.com” might look like:
example.com. IN TXT “v=spf1 mx a:mail.example.com ip4:192.168.1.100 -all”
In this example, the SPF record specifies that email sent from “example.com” is only considered legitimate if it comes from the domain’s MX servers, the server “mail.example.com”, or the IP address “192.168.1.100”. The “-all” at the end of the record specifies that all other sources of email are considered to be unauthorized and should be rejected.
DKIM is another mechanism used to authenticate the source of an email. It works by adding a digital signature to an email, which is then verified by the recipient’s mail server. The signature is created using a private key and is stored in a DNS record for the domain that sent the email. The recipient’s mail server uses the public key from the DNS record to verify the signature and authenticate the source of the email.
To set up DKIM for a domain, you’ll need to:
- Generate a public/private key pair.
- Add a DKIM record to the domain’s DNS settings that includes the public key.
- Configure your mail server to add a DKIM signature to outgoing email from your domain.
Here’s what a DKIM record for “example.com” might look like:
default._domainkey.example.com. IN TXT “v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2AQGzEjK35Sk5O5O1M5DZ9cL/N+/7zJlKj/v7z/EtXMmC7/jKt8AKv/Xu/mUnTm7Vgwf8Kv7VcIz/0n7Vxq3sBv7VrTjrCppV7wjl8jvKVy+zL1s0V7sW8qJlKj/oKt/etO7OJjKv/y7EjKtO7V7xjJt+oKtjK35Sk5O5O/N+/7zJ/EtXMmC7/jKt8AKv/Xu/mUnTm7Vgwf8Kv7VcIz/0n7Vxq3sBv7VrTjrCppV7wjl8jvKVy+zL
Search for records: