Using DKIM & SPF With Third-Party DNS
SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail) are two email authentication methods used for email spoofing and to protect against phishing and spam attacks.
There are three core steps to adding DKIM & SPF records to your third-party DNS provider:
Step 1: Ensure DKIM & SPF are enabled
Step 2: Copy your SPF and locate your DKIM signature
Step 3: Add SPF and DKIM Records to your DNS Zone
Step 1: Ensure DKIM & SPF are enabled
- Log in to your cPanel.
- Click Email Deliverabilitylocated in the Email
- Check the Email Deliverability Status.
If it says Valid, then the DKIM & SPF are Enabled.
Step 2: Copy your SPF and locate your DKIM signature
If you use intoHOST name servers, your DKIM record will not be displayed in cPanel.
- To get your DKIM record, you will need to be able to view your full email headers.
- To do this, mail yourself using an external email address, such as Gmail, Yahoo, or a domain hosted on another server, then check the email headers
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=hgunlimited.com; s=default; h=Message-ID:Subject:To:From:Date:
Content-Transfer-Encoding:Content-Type:MIME-Version;
bh=JUmMmS1Lna1PPFKxOCvqS3v+fr8dj4qCwpvucGl1i2o=; b=TNH8rwqFBvZO2m9qcXLollRx82xvvo9RYsfIMl34/k6XMD3WiB6LGMSDCw715EAca6RadiTAq7LtOfAIYhiJ4DE0hPOMnvKGWweypTZLz8cw+x9Zx4I03is55TuxIS5+Vk4g0F5V+gv5Ddr5m8Gni80Yx22aL9qrYkZInBdkU3Z0lTavUgxdLdARscOcS4apQmuOnQfOqOPR8Nof1tg3YhiLs6cTQ/cR+6fT0gngw9+70owkSpY6mydOl1KLDpJBYWHNgyoBFQhx+QqalFZMIj+w2i+3yBdP+EE0nUhBS2J5rxpTett+cfV4Mkmoc88yI1zFYdyld4xBWeeZvgGBmw==;
- You must copy the entire value after DKIM-Signature:to create your DKIM record
Step 3: Add SPF and DKIM Records to your DNS Zone
Now you will need to create 2 TXT records at your third-party DNS provider:
- Login to cpanel click on zone editor under domain section.
2. Click on zone editor you will see a new window click on manage.
3. Click on add record button.
- Record Type: TXT
- Name: example.com. (Please make sure to replace 'example.com" with your actual domain name and be sure to include the extra period (.) at the end)
- TTL: 14400
- Value: Enter the value for the raw SPF record you copied earlier.
- Record Type: TXT
- Name: default._domainkey.example.com. (Please make sure to replace 'example.com" with your actual domain name and be sure to include the extra period (.) at the end)
- TTL: 14400
- Value: Enter the value for the DKIM signature.
After adding your new DNS records, they should function correctly within 4 to 8 hours due to propagation.