Skip to main content

DKIM / SPF / DMARC

Updated over 3 months ago

What Are DKIM, SPF, and DMARC?

These three terms refer to important security standards that protect your emails from spam and abuse. They help ensure that emails sent from your domain actually come from you and not from fraudsters who have forged them. Here’s a simple explanation of each protocol:

  • SPF

  • DKIM

  • DMARC

SPF (Sender Policy Framework)

SPF is a method for checking which servers are authorized to send emails on behalf of your domain. It helps detect and block forged senders. You define in an SPF record which servers are allowed to send emails for your domain.

Why Is SPF Important?

SPF prevents fraudsters from sending emails that look like they came from your domain. If someone tries to send an email from an unauthorized server using your domain, the receiving mail server can block the message or mark it as spam.

DKIM (DomainKeys Identified Mail)

DKIM adds a digital signature to your outgoing emails. This signature is verified by the receiving mail server to ensure that the email really originated from your domain and was not altered in transit.

Why Is DKIM Important?

DKIM protects the integrity of your emails. It ensures that the content of the email hasn’t been modified on its way to the recipient. If someone tries to forge or intercept the email, the signature won’t match, and the message can be flagged as suspicious.

DMARC (Domain-based Message Authentication, Reporting & Conformance)

DMARC builds on SPF and DKIM. It gives receiving mail servers clear instructions on what to do if an email fails SPF or DKIM checks. DMARC also provides you with reports showing who is sending emails on behalf of your domain and whether they passed authentication.

Why Is DMARC Important?

DMARC protects your domain from misuse by specifying how email servers should handle messages that fail SPF or DKIM validation. You can decide whether these emails should be sent to the spam folder, rejected, or still delivered. DMARC also provides reports that let you see whether emails are properly authenticated and who else might be trying to send emails in your name.

Where Can I Find SPF, DKIM, and DMARC Records?

You can find the settings for SPF, DKIM, and DMARC in your domain’s DNS settings. There you can add or edit the corresponding DNS records. If you’re unsure how to do this, our website offers a step-by-step guide on how to set up SPF, DKIM, and DMARC.

Note for Hoststar customers: With Hoststar, SPF and DKIM records are created automatically as soon as you add a new email address for your domain. You don’t need to configure them manually—they’re already in place and protect your emails.

Summary of the Benefits of SPF, DKIM, and DMARC

  • SPF: Defines which servers are allowed to send emails for your domain, preventing forged senders.

  • DKIM: Adds a digital signature to your emails to ensure they aren’t altered in transit.

  • DMARC: Specifies what to do when an email fails SPF or DKIM validation and sends you reports about potential issues.

By using these security protocols, you protect your domain and ensure your emails cannot be misused for fraudulent purposes.

Related Articles
Subscription
Domain aliases
Preview link
DNSSEC
What is Phishing
Did this answer your question?