The methods to secure email delivery have improved significantly over the last few years. It is now time to make sure that your email security methods are up to date to ensure the highest delivery into your customer's inboxes. We're here to help you do that.
SPF - a refresher
Adding an SPF record on your domain is the bare minimum recommended for ensuring delivery of your emails into your contact's inbox.
SPF stands for Sender Policy Framework, and is a method of telling email gateways which domains or IP addresses are allowed to send email on your behalf. It has been in operation for a long time, and we have strongly recommended the addition of an SPF record on your domain for many years.
DKIM is a fairly recent addition to the arsenal aimed at ensuring that only authorised senders and unmodified emails are delivered to email inboxes, by digitally signing your emails with a private key that only authorised senders have access to and checking that key against the message that arrives. DKIM is being checked by enough email gateways now to make it an important factor in email delivery, hence the addition of support for this method of digitally signing your emails into Enudge.
Implementing DKIM with Enudge involves the following steps:
Generate a DKIM key pair (Public Key and Private Key) - this can be done using a service such as Easy DMARC - DKIM Record Generator. When doing so, make sure to set the Selector value as "enudge". If you have an existing DKIM setup, please generate a new pair of keys specifically for Enudge configuration. We will not be using your existing private key to protect your security.
Add a TXT record for your DKIM Public Key to the DNS of your domain. You may need to ask your web host for help to add the record.
Provide Enudge with your Private Key, and it's Selector, to be used to sign your emails as they are sent from Enudge. We will also need to know the domain name the records were added to. Send the information to firstname.lastname@example.org.
Once the key has been added to Enudge, test that the sent emails pass the DKIM tests using a service such as www.mail-tester.com
DMARC is a record on your domain which works alongside your digitally signed emails to give email gateways a method of informing you when problematic emails, with your domain as the sender, have arrived at their email gateway. The expectation is that you will ensure that all legitimate senders are using your DKIM keys to digitally sign emails, and then that email gateways can reject the rest.
Implementing DMARC with Enudge involves the following steps:
Generate a DMARC record - this can be done using a generator such as Easy DMARC - DMARC Record Generator.
Add a TXT record for your DMARC to the DNS of your domain. You may need to ask your web host for help to add the record.
Once the key has been added to Enudge, test that the sent emails pass the DMARC tests using a service such as www.mail-tester.com
We also strongly recommend that you setup DKIM with all other services that send email on your behalf, for example, Gmail or Office 365.
If you would like our assistance to arrange DKIM certificates, please get in contact. Otherwise, we will be happy to receive your private key to be used during the email send process for your domain.