Configuring SPF and DKIM for your Email Domain

Configuring SPF and DKIM for your Email Domain

SPF and DKIM are fundamental email authentication protocols that can help protect email senders and recipients from spam, phishing, and spoofing. SPF allows your recipients to know whether emails from your domain, are in fact sent by you while DKIM verifies whether the emails are generated, from the authorized servers of the sending domains. Both SPF and DKIM are added as TXT records in your DNS settings.

How SPF works?
At the most basic level, SPF establishes mail servers that you've authorized to send emails. This way, receiving mail servers can validate whether the emails sent by you originated from a server that has permission to send on your behalf. The following steps will describe how SPF works:
  1. Creating an SPF record: As the domain administrator, you establish a policy that defines which mail servers are authorized to send emails from your domain. This policy is called the SPF record.
  2. DNS lookup: An incoming email will be verified for the bounce domain in DNS. Then, the inbound mail server will check whether the IP address of the mail sender matches the IP address specified in the SPF record.
  3. Outcome: Now, based on the rules specified in your domain’s SPF record, the mail server decides whether to deliver, flag, or reject the email message. This ensures that legitimate emails sent from your domain are delivered to your customers.

How DKIM works?
DKIM is an email security standard that allows you to claim responsibility for emails in a way that can be validated by the recipients. This is done using a public key and private key to sign and verify emails sent from your mail server. The following steps will describe how DKIM works:
  1. As the domain administrator, you publish a public key as a TXT record in the domain’s DNS records.
  2. When you send an email, the outbound mail server adds a unique digital signature to the email headers. This header will contain two hashes, one of the specified headers, and one of the message body.
  3. When an inbound mail server receives the email, it checks if a DKIM-Signature field exists in the header.
  4. If the signature exists, it uses the public key in the DNS to validate the signature. If the two values match, it indicates that the email was indeed sent by you and is unaltered in transit.

Email Domain Authentication Steps
Authenticating your email domain in Zoho Desk is a simple four-step process:
  1. Add a "From" email address to your Zoho Desk account.
  2. Copy the SPF and DKIM record values for the "From" email address.
  3. Go to your domain hosting website's settings page, paste the copied record values, and publish them to the DNS servers.
  4. After your records are published, verify your domain back in the DKIM verification page inside Zoho Desk.

Step 1: Adding From Email Address 
  1. Click the Setup icon (  ) in the top bar.
  2. Click Email under the Channels menu.
  3. Select From Address under the Email sub-menu.
  4. Click New From Address in the top right corner.
  5. On the New From Address page, do the following:
    1. Select a Department (when you've more than one) from the drop-down menu.
    2. Enter the From Address to be used while replying to tickets. For example, support@zylker.com.
    3. Enter a Friendly Name for your From Address.
  6. Click Save.
    You will receive a verification email to the email address you just added.
  7. Please verify the email address before we proceed to Step 2.

Note:
  1. DKIM and SPF authentication are not available for "From" addresses that send emails using your own SMTP servers.

Step 2: Copying SPF and DKIM Record Values 
  1. Click the Setup icon (  ) in the top bar.
  2. Click Email under the Channels menu.
  3. Select DKIM Authentication under the Email sub-menu.
  4. On the DKIM Authentication page, do the following:
    1. Click Verify corresponding to the domain name of your "from" email address.
      The       DKIM Authentication window opens.
    2. Click the Copy button next to the text records.
      You need to create a TXT record with these values in the DNS Manager.

Step 3: Setting up SPF and DKIM records for your domain 
  1. Go to your domain hosting website from where you have purchased your domain (GoDaddy.com, Cloudflare, BlueHost, etc.).
  2. Paste the Selector Values and the TXT record values copied from your Zoho Desk account in your domain's DNS settings.
  3. Click Publish.
    Note: DNS setup usually updates within 24-48 hours, and your email domain will be verified after the update is complete.

Step 4: Verifying your Email Domain 

After the SPF and DKIM records for your email domain have been published on the DNS servers, follow the steps given below:

  1. Back in Zoho Desk, navigate to the DKIM Authentication page.
  2. Click Verify corresponding to the domain name whose SPF and DKIM records were published on the DNS servers.
  3. The DKIM Authentication window opens.
  4. Click Verify.
    If the DKIM records have been validated for the email domain, the domain's status will be changed to Verified.

Note:
  1. Zoho Desk will look up and verify whether the DKIM TXT records exist in your DNS once every two days.

    • Related Articles

    • Setting up your Email Channel

      Emails are the most widely used and an indispensable mode of communication for your customers to submit tickets to your Zoho Desk. The emails received from your customers are converted into tickets and assigned a unique ticket ID. All you need to do ...

    • Support customers from your own domain

      Provide customer support from your own domain with Zoho Desk. By default, the web address of your Help Center is a Zoho Desk subdomain such as "desk.zoho.com/portal/<mycompany>". However, you can personalize this so that your customers can submit ...

    • Can I change the domain name in the default support email address?

      No, you cannot change the domain name in the support email addresses. Typically the domain name in your support email address is created after the name of your portal that you initially signed up with. Although you can choose a different portal name ...

    • Configuring Zoho BugTracker Integration

      Efficient issue management is the key to the success of any engineering team. In fact, your customers expect a lot from the software you develop, and they provide the best possible feedback. Unless the bugs (read feedback) are resolved and managed ...

    • Configuring Zoho Desk for G Suite

      Are you using G Suite (formerly Google Apps) for business? You can now make it easier for your business teams to collaborate and share information by configuring Zoho Desk for G Suite. Benefits Easily import your business contacts from G Suite to the ...