inGuide | Digital Marketing, Online Business & WordPress
  • Home
  • Blog
  • Deals
  • Services
  • Forum
    • New Forum
  • Free Resources
    • inSend: Mailwizz
  • Contact
  • Click to open the search input field Click to open the search input field Search
  • Menu Menu
Email Marketing, SMTP server

What are DKIM, DMARC and SPF? How they affect email delivery?

what-is-dkim-dmarc-spf-rdns

Whenever we talk about email delivery to inbox first thing that pops up in our mind is email security protocols, which are none other than DKIM, DMARC, and SPF. They play key important role inbox delivery. In order to understand what role they play, let’s understand how receiving server concludes a particular email is spam or not. Though there are hundreds of factor which affect inbox delivery but in this article, our discussion is limited to email security protocols.

How do mail servers block spam?

When email is sent out receiving mail servers need to confirm identity of the sender.

What this means, for example, you use Zimbra mail server to send email to Gmail. Here, Google’s mail server will check some information about your Zimbra mail server.

If it’s eligible, Gmail will allow email to arrive. Conversely, Gmail will block your mail or put it in the Spam folder.

So what is this information? That is DKIM, SPF and DMARC.

Let’s understand these protocols one by one starting with DKIM.

What is DKIM?

The very first question is what is DKIM?

According to information from Zimbra, DKIM has the following definition:

DomainKeys Identified Mail (DKIM) lets an organization take responsibility for a message that is in transit. The organization is a handler of the message, either as its originator or as an intermediary. Their reputation is the basis for evaluating whether to trust the message for further handling, such as delivery. Technically DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication

Understand simply. DKIM helps the receiving mail server confirm that the email is fake or not fake. Spoofing mail domain names to send fake emails is very common, so DKIM as a tool helps mail server to distinguish real mail and fake mail.

How to create DKIM key?

You can create or more specifically generate DKIM in many ways. This has already been discussed extensively.

How to use DKIM?

After you have generated DKIM key, go to domain registrar and then create a TXT entry into DNS records

Host recordTypeValue
TXT

Note: Notice the double quotes in the Value section.

How to verify DKIM data

After you have created the DNS record for DKIM of the mail domain, you need to verify that it is correct. There are several online tools that let you verify your DKIM record

A very useful tool for email system administrators is MXToolbox.

Now go to the DKIM check link and type the following information.

  • Domain Name: just type domain mail domain to this box.
  • Selector: type the key to this box, the key look like 5FB56121-7BDF-21E9-8459-20D59831E3AB in Zimbra and postal-xhee82 in Postal SMTP. It could be different in some other DKIM as well. Look at the Host record column above, remove the text phrase ._domainkey and the rest is the key.
check-dkim-for-mail-server

And the results should be green as image below, which shows that you have successfully set DKIM for your mail domain.

dkim-test-result-mxtoolbox-verify

What is an SPF?

Right, first, we need to know what SPF is? Why do we need to configure it?

According to Zimbra, SPF defines:

Sender Policy Framework (SPF) is an email validation system, designed to prevent unwanted emails using a spoofing system. To check this common security problem, SPF going to verify the source IP of the email and compare it with a DNS TXT record with a SPF content.

So, like DKIM, SPF help the receiving mail system confirm whether the email sent is real or fake?

Validating through the contents of the DNS record contains the IP of the mail server.

You can look at the image below and find out more information about it at this page.

So can you understand why we need to configure it?

That’s because every email that your mail server sends, other mail servers around the world will check for SPF information before deciding whether to put it in inbox or spam or block mail.

How to Create SPF record for mail server?

You can take help of online SPF record generator. MXToolbox provides a tool called SPF Record Generator. You only need to declare your information in the data fields.

  • Step 1: type domain mail domain to box name Domain Name or URL and press button Check SPF Record.
mxtoolbox-spf-generator

Step 2: Fill all data fields in SPF WIZARD to get final dns record.

create-spf-record

At the “How strict should should the SPF Policy be?”

You have 4 choices (this explanation is based on information from Zimbra):

  1. --: do not choose anything
  2. Strict: will only mark the email like pass if the source Email Server fits exactly, IP, MX, etc. with the SPF entry
  3. Neutral: without policy
  4. Soft Fail: allows to send the email, and if something is wrong will mark it like softfail

Usually, we will choose number 4.

How to use SPF record?

Based on the content Suggested Record, you need to create a record with the following content:

Host recordTypeValue
@TXT“v=spf1 a mx a:mail.yourdomain.com ip4:192.168.10.10 ~all”

Note: Put content Value of SPF records in double quotes

How to check whether SPF record is set correctly ?

You open the SPF test tool on MXToolbox. Enter your domain and click SPF Record Lookup button.

The returned result should look like the image below. Every Test step is green.

verify-spf-record

What is DMARC?

According to information from Zimbra, we define DMARC as:

DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is a technical specification created by a group of organizations that want to help reduce the potential for email-based abuse by solving a couple of long-standing operational, deployment, and reporting issues related to email authentication protocols.

It seems a little confusing to you, but you should understand it simply. DKIM combined with SPF, and now DMARC, all of these technologies are primarily to make sending emails from your mail server more reliable.

Other mail servers around the world will trust your system, they will distinguish whether your email is fake or not.

Take a look at the image below, the source image from Zimbra. You can understand what DMARC will do in the process of receiving emails.

If the DMARC of the email is sent to the pass, the mail will be put into the inbox, otherwise, it may be put into spam or returned.

How to create DMARC Record ?

DMARC record is rather easy to create compared to DKIM or SPF. You can either create it manually or online.

To create online visit this website. After that enter your domain and select the options as shown in the image below, then click the Get DMARC Record button.

generate-dmarc-record-online

At last you will get the result as image below. You need to pay attention to the following 3 contents:

dmarc-record-dns-entry
  • DMARC record for: yourdomain.com
  • Record should be published at _dmarc.yourdomain.com
  • v=DMARC1; p=quarantine; rua=mailto:[email protected]; ruf=mailto:[email protected]; sp=quarantine

To create manually, just copy the above record and replace [email protected] with your admin email address like [email protected] or, if already have created [email protected] then you can use that as well.

How to use DMARC record?

Now we will create DNS record for DMARC for your mail domain.

Host recordTypeValue
_dmarcTXT“v=DMARC1; p=quarantine; rua=mailto:[email protected]; ruf=mailto:[email protected]; sp=quarantine”

Note: Notice the double quotes in the Value section.

How to check the DMARC record is correct or not ?

Now go to the DMARC test page, enter your domain in the Domain Name box and click the DMARC Lookup button.

If you have set up exactly what I instructed, the results will be correct and the test fields are green.

What is reverse DNS?

When you build mail server, you have to configure the DNS record to resolve the mail domain mail.yourdomain.com to the IP address of the server.

However, that may not be enough. Some companies around the world like AOL, they will reject your email if you don’t have a reverse DNS record.

Take a look at the image below, and you’ll know what the reverse dns record is.

reverse-dns-lookup

The rDNS (reverse dns) record allows IP resolution to be a domain name, which helps confirm your mail server correctly.

Where do we need to configure rDNS?

  1. You need to configure rDNS in the hosting provider. Most of the hosting provider let you create rDNS yourself but some of them but for some like AWS, Oracle, Google, Azure you will to ask them.

Conclusion

Email security protocols plays important role in inbox delivery. Unless you have all protocols in place email is bound to go in spam/junk. Therefore, you must pay attention to these protocols.

May 6, 2021/2 Comments/by Dhiraj Rahul
Tags: dkim generator, dmarc generator, spf generator
Share this entry
  • Share on Facebook
  • Share on X
  • Share on WhatsApp
  • Share on Pinterest
  • Share on LinkedIn
  • Share on Tumblr
  • Share on Vk
  • Share on Reddit
  • Share by Mail
https://inguide.in/wp-content/uploads/2021/05/what-is-dkim-dmarc-spf-rnds.jpg 720 1280 Dhiraj Rahul https://inguide.in/wp-content/uploads/2021/02/inguide_logo_red_340_156-300x138.png Dhiraj Rahul2021-05-06 06:03:372021-05-06 06:03:39What are DKIM, DMARC and SPF? How they affect email delivery?
You might also like
domain-keys-identified-mail Super Easy Way to Generate and Validate DKIM online
2 replies
  1. Nicho
    Nicho says:
    June 27, 2022 at 7:39 am

    can you help me

    Reply
    • Dhiraj Rahul
      Dhiraj Rahul says:
      June 28, 2022 at 3:35 pm

      sure

      Reply

Trackbacks & Pingbacks

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Table of Contents

Search Search

Recent Posts

  • Install Mattermost on Ubuntu/Debian
  • 17 Popular Free & Paid Mail Transfer Agents
  • Top 10 VPN Service Providers & Why!!
  • 15 Best Canva Alternatives for Graphic Design [Free & Paid]
  • 12 Best third-party SEO tools for your website
  • Best NFT Marketplace For Beginners
  • Best WordPress ad management plugin
  • What is Domain Name System blacklist (DNSBL)?
  • Introduction to the Basics of Linux
  • What is Proxy Server?

Categories

  • Chat & Collaboration
  • Domain
  • Email Marketing
  • Email Service
  • Graphic Design
  • Hosting
  • Learning Management System
  • Linux
  • Miscellaneous
  • Proxy
  • Search Engine Optimization
  • SMS
  • SMTP server
  • WooCommerce
  • Wordpress
  • WP Security
Popular
  • Postal-smtp-server
    Build Postal SMTP Server & Send Bulk Emails Step by...March 25, 2021 - 5:19 am
  • install-configure-powermta-centos-8
    Install & Configure PowerMTA on CentOS with IP rot...February 15, 2021 - 4:23 am
  • postal-create-SMTP-add-domain-SSL
    Simplest Way to Configure Postal & Create SMTP + Install...March 27, 2021 - 9:20 am
  • Install CyberPanel on Ubuntu and Create WordPress Websi...September 22, 2021 - 10:05 am
  • Create Mail Server on Windows with Open Source hMailSer...June 13, 2021 - 10:15 am
  • zimbra-free-ssl-certificate-install
    How to Install Free SSL Certificate on Zimbra Mail Serv...May 9, 2021 - 2:21 pm
  • install-zimbra-mail-server-on-centos-8
    Install Zimbra Mail Server on CentOS 7/8 Step by StepMay 9, 2021 - 6:05 am
  • Install and Configure MailCow – Best Self Hosted Mail...May 12, 2021 - 10:32 am
  • lets-encypt-certificate
    Installing Let’s Encrypt Free SSL Certificate on ...March 24, 2021 - 7:36 am
  • install-wordpress-cloud-hosting
    Super Easy Way to Install WordPress on Cloud Hosting in...March 30, 2021 - 1:35 am
Comments
  • vikasCannot "Build a new mail server" #3295 On a fresh installation...May 15, 2025 - 1:19 pm by vikas
  • SivaHow can find about aol blocking and know about email inbox...February 26, 2025 - 7:04 pm by Siva
  • RAKESH GUPTAWe want to change our default CentOS Mail Server to something...December 5, 2024 - 7:15 am by RAKESH GUPTA
  • LavisHey, Can you help me to choose good SMTP server between...November 18, 2024 - 11:12 am by Lavis
  • ApostleThis question is never answeredOctober 29, 2024 - 6:19 am by Apostle
Tags
Ahrefs Aol Canva dkim dkim generator dkim powermta dmarc generator easyengine email deliverability free Gmail install docker ubuntu install free ssl zimbra install mailcow install mailwizz install wordpress install wordpress on google install zimbra centos 8 iredmail mailcow Mailu mailu docker compose mailwizz Memberpress MTA open source chat app outlook Plugin Postal postal server postal smtp private chat server rocket.chat SEO smtp server spf generator Talos VPN WooCommerce WordPress wordpress on cloud hosting Yahoo zimbra zimbra mail server zimbra ssl

Follow us on Facebook

X Logo X Logo Followon X

Information

  • About
  • Account
  • Blog
  • Contact
  • Deals
  • List of VPS Hosting that Provides Open Port 25
  • Login
  • Newsletter
  • Privacy Policy
  • Terms of Service
  • Thank You
  • Verify Account

Resources

  • Account
  • Deals
  • Downloads
  • List of VPS Hosting that Provides Open Port 25
  • Login
  • Services
  • Thank You
  • Verify Account

Categories

  • Chat & Collaboration
  • Domain
  • Email Marketing
  • Email Service
  • Graphic Design
  • Hosting
  • Learning Management System
  • Linux
  • Miscellaneous
  • Proxy
  • Search Engine Optimization
  • SMS
  • SMTP server
  • WooCommerce
  • Wordpress
  • WP Security

Archive

  • November 2025
  • July 2023
  • June 2023
  • May 2023
  • January 2023
  • November 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • September 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
© Copyright - inGuide | Digital Marketing, Online Business & WordPress
  • Terms of Service
  • Privacy Policy
Link to: Build Self Hosted Private Chat Server with Open Source rocket.chat Link to: Build Self Hosted Private Chat Server with Open Source rocket.chat Build Self Hosted Private Chat Server with Open Source rocket.chatbuild-private-self-hosted-chat-server-rocket-chat Link to: Install Zimbra Mail Server on CentOS 7/8 Step by Step Link to: Install Zimbra Mail Server on CentOS 7/8 Step by Step install-zimbra-mail-server-on-centos-8Install Zimbra Mail Server on CentOS 7/8 Step by Step
Scroll to top Scroll to top Scroll to top