Loading...

Knowledge Base

What Are DKIM and DMARC?

DKIM

There are several email authentication techniques that one can deploy for email addresses associated with your domain and website. When you send messages with DKIM (Domain Keys Identified Mail), it allows the receiver to verify that the domain owner authorized an email. DKIM is a secure, encrypted digital signature added to the header of your messages.

DKIM signatures are not visible to users as the validation is done at the server level. Using security standards, like DKIM, DMARC, and SPF, one can protect one's domain from having malicious emails that appear to have been sent on your behalf. Many internet providers, including Domain, automatically implement DKIM in your DNS records.

DMARC

Another standard security protocol is DMARC or Domain-based Message Authentication, Reporting & Conformance. Using both Sender Policy Framework (SPF) and DKIM, DMARC assesses email messages for authenticity. Internet Service Providers (ISPs) can easily prevent spoofing and phishing scams via DMARC.

When email servers receive a message they are unable to authenticate by DMARC; the message can be filtered to a junk folder or blocked altogether. It allows ISPs to identify spammers and protect their customer inboxes from malicious emails.

What benefits can you gain using DMARC?

  • Security: DMARC helps establish consistent standards for the entire email community
  • Visibility: DMARC can alert you if someone is spoofing email from your domain
  • Reputation: Protect and enhance your online brand reputation

How to generate your DMARC record

For DMARC, your DNS records must contain:

  • SPF record
  • A record
  • CNAME
  • DKIM (optional)

MX Toolbox (not affiliated with Domain) provides an easy DMARC generation tool. Follow the steps below to generate your DMARC record and add it to your DNS as a TXT record.

  1. Navigate to MX Toolbox to generate your DMARC record
  2. Enter your domain name in the Domain or Host Name box and Click Check DMARC Record
    Generate your DMARC record
  3. Step 1 you can leave on None for now.
    Reporting mode
  4. Enter email addresses where reports can be sent.
    Email addresses for reports
  5. Save the information in the grey box, this is what you will need to create your DMARC record.
    Data for creating your DMARC record
  6. Login to your Domains dashboard and click on DNS & Nameservers.
    Login to your Domains dashboard, DNS
  7. Click the DNS Records tab
    DNS Records tab
  8. Click on the blue button for Add DNS Record
    Add DNS Record
  9. Enter the DMARC data as TXT Type. The Content contains the text string beginning with "v" that you generated on the MX Toolbox site.
    Data for creating your DMARC record
  10. Your newly created DMARC record will be displayed at the bottom of your existing DNS records.
    DMARC record

Loading...