How to configure DKIM, SPF and DMARC authentications?
Last updated
Last updated
Below we will show you how to configure DKIM, SPF, and DMARC authentications.
Email authentication methods DKIM, SPF, and DMARC will allow you to increase the reputation and security of your sent emails.
Log in to your Client Area and click on Services, then on My Services.
From the list of hosting plans, access the one you want to activate Email Authentications for.
On the new screen, in the Actions box on the left, you will find the option to access the cPanel control panel. You will also see, in the central Technical Information box, a direct link to the panel from your browser.
Once in the cPanel control panel, go to Email Deliverability under the Email section.
Upon accessing the email authentications configuration screen, you will see the status of the authentications. The server will attempt to install DKIM and SPF authentications automatically.
If DKIM and SPF authentications are correctly installed, the status will show as Valid.
You can always modify the DKIM and SPF records from the Manage button on the right.
For example, you can modify the SPF record from the Customize button. Often, various external services may require adding data to this record.
If you find that one or more records (DKIM or SPF) have any issues, you will see it in the Email Deliverability Status.
You can automatically repair them, if possible, with the Repair button, or you can install them by accessing Manage.
Managing the DKIM and SPF records will show you the status of each, and if necessary, you can install each record with the Install Suggested Record button.
DMARC authentication determines what will happen to an email after it has been checked against SPF and DKIM records. The DMARC authentication configuration will determine if failure of SPF or DKIM authentications will result in the email being marked as spam, quarantined, or delivered to the recipient anyway.
The DMARC authentication must be added from another tool in the control panel.
In the Domains box, access Zone Editor.
In the Zone Editor screen, access Manage for the domain you want to configure.
You will see your domain's DNS Zone screen. Click on the arrow in the Add Record menu on the right. From the dropdown menu, select Add "DMARC" Record.
The DMARC record with default settings will be generated. You can save this configuration directly with the Save Record button, or you can configure the various options of this authentication. The three main configurations of this authentication are None, Quarantine, and Reject.
None: allows emails that do not pass DKIM and SPF authentications to be still sent.
Quarantine: instructs the mail server to "quarantine" emails that fail DKIM and SPF authentications, considering them potentially spam.
Reject: instructs the mail server to block emails that do not pass DKIM and SPF authentications.
You can further configure the behavior of the DMARC authentication by opening Optional Parameters. You will see these options to configure this authentication:
Once the DMARC authentication is configured, you should save the changes with the Save Record button.
