All Collections
Communication
DKIM and DMARC for email security
DKIM and DMARC for email security
Rob Ward avatar
Written by Rob Ward
Updated over a week ago

DomainKeys identified mail (DKIM) adds a secure signature to your domain to authenticate email sent from users in your company. DKIM is an industry best practice that increases the security of your email domains

Domain-based Message Authentication, Reporting & Conformance (DMARC) is used in conjunction with SPF and DKIM to combat email spoofing. Spoofing occurs when a scammer uses your domain in the From field of an email to impersonate one of your users. DMARC uses a policy that is given by your email provider. This policy tells the receiving email host how to treat emails sent from your domain based on the criteria that you set. This mechanism also gives visibility into reports on what your domain is sending, and how receiving hosts are treating that mail.

If we manage your email, get in touch and we can start the process for you.  If we do not manage your email, follow the steps below:

Enable DKIM

  1. Log into your domain control panel.

  2. Select Sender Authentication (DKIM) and select the domain name to enable.

  3. Click Enable DKIM.

  4. Copy the TXT Record Key and TXT Record value provided.

  5. Navigate to the domain DNS.

  6. Create a new TXT record using the values provided.  Allow around 30 minutes/1 hour and then return to the DKIM page to Verify the TXT record.

DMARC setup

  1. Log into where the domain DNS is managed.

  2. Select to create a new TXT record as follows:

  • Type: TXT

  • Hostname: _dmarc

  • Destination: v=DMARC1; Avoid using p=none; instead, consider p=reject or p=quarantine; rua=mailto:CHOSENemail@yourdomain.com

  • Priority: NA

  • TTL: 3600 seconds or lowest allowed

Replace CHOSENemail@yourdomain.com with an email address on your domain where the DMARC logs will be sent. Usually we would recommend setting up a new email account just for this, such as dmarc@yourdomain.com

Did this answer your question?