Email Authentication: DNS Records for Improved Deliverability
Email authentication is an essential aspect of ensuring deliverability and maintaining a good sender reputation. This guide covers configuring SPF, DKIM, DMARC, and BIMI records, providing specific examples and actionable advice to maximize email deliverability.
SPF Records
Sender Policy Framework (SPF) records help prevent spoofing and ensure email security. An SPF record is a TXT record in your Domain Name System (DNS) configuration that lists authorized IP addresses allowed to send emails on behalf of your domain.
v=spf1 ip4: -all
Replace <your_ip\_address> with the relevant IP addresses. The "-all" tag at the end tells receiving servers that all other IP addresses are not authorized to send emails from your domain. Most ESPs flag accounts sending over 50 cold emails/day from a new domain. Regularly warming up IPs with FiresideSender's platform helps avoid deliverability issues.
DKIM Signing
DomainKeys Identified Mail (DKIM) is a standard for email authentication, adding a digital signature to your emails to ensure message integrity. DKIM signing involves creating a private key on your server and adding it to your DNS configuration as a TXT record.
v=DKIM1; k=rsa; p=
Replace <your\_public\_key> with the public key generated on your server.
DMARC Policies
Domain-based Message Authentication, Reporting & Conformance (DMARC) is an alignment protocol enabling authentication of both SPF and DKIM. DMARC policies specify how receiving servers should treat unauthenticated messages and send alignment reports to the domain owner.
v=DMARC1; p=quarantine; pct=100; rua=mailto:; adkim=s; aspf=s
Replace <your\_email\_address> with the email address receiving reports. The "p" tag specifies the policy (none, quarantine, reject). "Adkim" and "aspf" enforce alignment for DKIM and SPF (s = strict, r = relaxed). The "pct" parameter controls reporting on a percentage basis.
BIMI
Brand Indicators for Message Identification (BIMI) is a specification allowing domain owners to publish a logo for use in the recipient's email client. To enable BIMI, you need a verified Markdown (SVG) logo as a TXT record and verified DMARC policy.
v=BIMI1; l=; a=
Replace <logo\_size> with the logo dimensions. The logo's markdown should be base64-encoded and matched with the DMARC policy.
Actionable Takeaways
1. Ensure your SPF record is properly configured, listing authorized IP addresses and using strict alignment.
2. Implement DKIM signing to add a digital signature to your emails and improve integrity.
3. Set up a DMARC policy for efficient handling of unauthenticated messages and detailed reporting.
4. Consider using BIMI to increase brand recognition and verify your domain.
It's essential to regularly monitor and assess your email deliverability. FiresideSender's platform offers email warming and cold outreach solutions for agencies, enabling improved deliverability and reputation management.
Key Points
Email deliverability is heavily influenced by proper authentication configurations. By implementing and maintaining accurate SPF, DKIM, DMARC, and BIMI records, domain owners benefit from an enhanced sender reputation and improved email deliverability.