How to configure DKIM, SPF and DMARC authentications?
Below we will explain how to configure DKIM, SPF and DMARC authentications.
The email authentication methods DKIM, SPF and DMARC will allow you to increase the reputation and security of your sent emails.
Accessing the Email Authentication tool:
- Log in to your Client Area and click Services, then My Services.
- From the list of hosting plans you have, open the one for which you want to enable Email Authentications.
- On the new screen you’ll see, in the Actions box on the left, the option to access the cPanel control panel.
You will also see, in the central Technical Information box, the direct link to the panel from your browser.
- Once in the cPanel control panel, go to Email Delivery under the Email box.
- When entering the email authentication configuration screen you’ll see their status. The server will attempt to install the DKIM and SPF authentications automatically.
If the DKIM and SPF authentications are installed correctly, the status will show as Valid.
You can always modify the DKIM and SPF records from the Manage button on the right.
For example, you can modify the SPF record using the Customize button. Often different external services will ask you to add a value to this record.
Repair or install Email Authentications:
If you find that one or more records (DKIM or SPF) have an issue, you will see it in the Email Delivery Status.
You can repair them automatically, if possible, using the Repair button or you can install them by entering Manage.
Managing the DKIM and SPF records will show the status of each, and if necessary, you can install each record with the Install Suggested Record button.
How to add and configure DMARC authentication
DMARC authentication determines what will be done with an email after it has been checked against the SPF and DKIM records. The DMARC configuration will determine whether a failure of the SPF or DKIM authentications will cause the email to be marked as spam, blocked, or still delivered to its recipient.
DMARC authentication must be added from another control panel tool. In the Domains box, go to Zone Editor.
On the Zone Editor screen, click Manage for the domain you want to configure.
You will see your domain’s DNS Zone screen. There click the arrow of the Add Record menu on the right. In the dropdown menu choose the Add “DMARC” Record option.
The DMARC record will be generated with the default configuration. You can save this configuration directly using the Save Record button or you can configure the different options of this authentication.
The three main policies of this authentication are None, Quarantine or Reject.
- None: Allows emails that do not pass the DKIM and SPF authentications to continue to be delivered.
- Quarantine: Instructs the mail server to “quarantine” emails that fail the DKIM and SPF authentications, treating them as potential spam.
- Reject: Instructs the mail server to block emails that fail the DKIM and SPF authentications.
You can also continue configuring DMARC behavior by opening Optional Parameters.
You will see these options to configure this authentication.
Once DMARC authentication is configured you must save the changes with the Save Record button.