Adding SPF, DKIM, and DMARC Records

SPF, DKIM, and DMARC records - What are they for?

Setting these records up (especially the SPF and DKIM) is very important to get good email deliverability.   Good email deliverability means the emails are going to the recipient's inbox instead of the spam or promotional folder.

SPF, DKIM, and DMARC records are, simply put, standard authentication methods implemented by the internet community to combat spam and other shady email practices. These records are added to the DNS (Domain Name System) so that email providers can verify that the emails are sent from the domain owner.  


Sender Policy Framework is a simple email validation record that is added to the DNS as a text record to authenticate the emails sent from the email service are authorized by the domain owner.


DomainKeys Identified Mail is a method of associating a domain name to an email message, thereby allowing a person or organization to claim some responsibility for the message.


In a nutshell, DMARC enables users to tell ISPs how to handle email that spoofs your domain (e.g., quarantine, block, etc.).

How to add SPF, DKIM, and DMARC records

Depending on the email provider and domain host, the method of adding records to the DNS settings may differ.

For Outlook:

SPF for Outlook

DKIM for Outlook

DMARC for Outlook

For GSuite:

SPF for GSuite

DKIM for Gsuite

DMARC for GSuite

For Custom Inboxes or if you're using custom SMTP, refer to your email service's help page.  Example (Zoho): SPF for Zoho, DKIM for Zoho, DMARC for Zoho

The records are added to the DNS records as TXT records. 
Example: Here's how the SPF and DKIM records look like in GoDaddy: 

How to check your SPF, DKIM, and DMARC records:

The simplest way to check the records is by using a DNS lookup tool like MXToolbox and UltraTools

Here' an example of an SPF record check on MXToolbox: 

You can also check the records by checking the emails sent from the email account with Spamtester.