1. SPF
SPF stands for "Sender Policy Framework". An SPF record is in place to identify which mail servers are authorized to send mail for a given domain. It is used to prevent spammers from sending mail with fraudulent From addresses at that domain.
Though many DNS editors allow for the creation of an SPF record, the SPF record must be entered as a TXT record
In your domain's DNS settings create a TXT record. Enter:
Host/Name: @ (This means that the record is pointed at your own domain. Some editors will require the "@" symbol, some will require you to enter your own domain, and others will not let you enter anything. Every DNS Editor is different - you may need to contact your hosting provider for information on how to enter this record correctly)
Value: v=spf1 a mx include:zolute.email ~all
TIPS:
Check to see if there are any other SPF records in your domain's DNS. There can only be one SPF record per domain, so if there is an existing record just add "include:zolute.email" to that record. Make sure you remove the quotes.
For example, if your domain already has the record: v=spf1 a mx include:_spf.google.com ~all
....then you would just add: include:zolute.email
The final record would look like this: v=spf1 a mx include:_spf.google.com include:zolute.email ~all
2. DKIM
DKIM stands for "DomainKeys Identified Mail". They allow receiving servers to confirm that mail coming from a domain is authorized by the domain's administrators.
Create a TXT record. Enter:
Host/Name: api._domainkey
Value:
k=rsa;t=s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbmGbQMzYeMvxwtNQoXN0waGYaciuKx8mtMh5czguT4EZlJXuCt6V+l56mmt3t68FEX5JJ0q4ijG71BGoFRkl87uJi7LrQt1ZZmZCvrEII0YO4mp8sDLXC8g1aUAoi8TJgxq2MJqCaMyj5kAm3Fdy2tzftPCV/lbdiJqmBnWKjtwIDAQAB
TIPS:
DNS settings can have as many DKIM records as needed.
In some DNS settings the Host/Name field may require you to enter "api._domainkey.yourdomain.com", replacing your domain with your actual domain.
3. Tracking
Zolute Email "tracks" opens, clicks, unsubscribes, etc. To do that we must rewrite links and use web pages. Setting up a "tracking domain" brands these rewritten links and pages with your own domain.
Create a CNAME record. Enter:
Host/Name: tracking
Value: tracking.zolute.email
*Zolute Email system will look for either "tracking" or "email" automatically. If another CNAME is used please contact support to get it validated.
4. DMARC
Domain-based Message Authentication, Reporting & Conformance is an email authentication protocol that is built on top of SPF and DKIM protocols. SPF and DKIM are prerequisites of DMARC and must be in place before setting up a DMARC policy.
A DMARC policy allows a sender to indicate that their emails are signed by SPF and DKIM and tells a receiver what to do if neither of those authentication methods passes – such as junk or bounce the email. DMARC removes the guesswork from the receiver’s handling of these failed emails, limiting or eliminating the user’s exposure to potentially fraudulent & harmful emails. DMARC also provides a way for the email receiver to report back to the sender about emails that pass and/or fail DMARC evaluation.
Note there is no specific configuration needed in Zolute Email besides ensuring that your SPF and DKIM are both valid. Further, a DMARC policy on your domain(s) will affect all of your email sending from that domain (not just the mail you are sending through Zolute Email) so you need to ensure you are using SPF and DKIM for all your email delivery.
The following are example DMARC TXT entries to setup on your domain(s) DNS.
Option 1- Setup your DMARC policy to simply notify you of mail that is not passing SPF and DKIM
Host/Name:_dmarc
Value: v=DMARC1;p=none;pct=100;rua=mailto:[email protected];ruf=mailto:[email protected]
Option 2- When you are no longer receiving negative reports, change your DMARC policy to quarantine which will not necessarily bounce email, but indicate to the recipient server they should consider quarantining it (junk or spam folder).
Host/Name:_dmarc
Value: v=DMARC1;p=quarantine;pct=100;rua=mailto:[email protected];ruf=mailto:[email protected]
Option 3- When you are satisfied that you are validating all the email from your domain(s) with SPF and DKIM change the policy to reject which will bounce the emails that do not pass SPF and DKIM validation.
Host/Name:_dmarc
Value: v=DMARC1;p=reject;pct=100;rua=mailto:[email protected];ruf=mailto:[email protected]
5. MX
For most users, you will not be adding or changing any MX records in your domain's DNS. The only reason why you would change or add an MX record for use with Zolute email is if you are using Inbound Email Notifications which are webhooks that are part of our HTTP API. Otherwise, this will give you a green check mark if you have an existing MX record that is used for directing mail to your own mail server. If it does not give you a green check mark then you do not have any MX records for your domain. This is OK - it is not required and all it means is that you do not currently have a mail server setup for your domain.
6. Verify
Go to your Settings>>Domains screen.
Add your domain (yourdomain.com). Click verify.
Green check marks mean that the record has been added correctly.
7. Default Domain
When there is a default domain set on the account, if an email is sent from a non-verified domain ([email protected] for example) then the emails are still branded using the default domain. If there is no default domain set, and an email is sent from a non-verified domain then zolute.email is used. Also, if a default domain is set, then sub-accounts will inherit the ability to use the default verified sender domain on the main account.