In order to ensure high email deliverability, and that you won’t have issues with email spoofing, it’s recommended to configure SPF, DKIM and DMARC records for your domain.
In case you’ll require to manually configure those records, please follow the steps below.
- SPF (Sender Policy Framework) is a DNS text entry which shows a list of servers that should be considered allowed to send mail for a specific domain.
You can enable SPF in cPanel -> Email -> Email Deliverability and click on Manage button for the domain on which you want to configure the SPF record. Scroll down to SPF area and click on customize button in case you want to use an external SPF record.
If you are sending the emails through our email server, the SPF record that you should use is:
"v=spf1 a mx include:relay.mailchannels.net ?all"
- DKIM (DomainKeys Identified Mail) should be instead considered a method to verify that the messages’ content is trustworthy, meaning that they weren’t changed from the moment the message left the initial mail server.
You can enable DKIM in cPanel -> Email -> Email Deliverability and click on Manage button for the domain on which you want to configure the DKIM record. Then you will be able to generate a local DKIM key.
- DMARC – (Domain-based Messaging and Reporting Compliance) this is a TXT record that practically combats email spoofing and is useful to stop phishing. Specifically, it protects the case where a phisher has spoofed the Display From address (also know as 5322.From email address). DMARC protects users by evaluating both SPF and DKIM and then determines if either domain matches the domain in the Display From address.
A very basic DMARC record looks like the following:
- The DMARC record is added from cPanel > Domains > Zone Editor, and should look like this:
_dmarc.example.com IN TXT 14400 "v=DMARC1;p=none;sp=quarantine;pct=100;rua=mailto:[email protected]"
Make sure to change example and [email protected] to the proper ones according to your case.