img-bg
Go to VivintHost.com |
  1. Portal Home
  2. Knowledgebase
  3. Email
  4. Email Security & Authentication
  5. How to Set Up SPF, DKIM, and DMARC Records

How to Set Up SPF, DKIM, and DMARC Records Print

How to Set Up SPF, DKIM, and DMARC Records

When your domain's email authentication isn’t properly configured, you might experience the following issues:

  • Emails you send land in the recipient's Spam or Junk folder
  • Emails bounce with "SPF record failure" messages
  • You receive delivery failure notifications for emails you never sent

These problems often stem from missing or misconfigured SPF, DKIM, or DMARC records. These DNS records are essential for verifying that your domain is authorized to send email and help protect your domain from being spoofed by attackers.

At Vivint Host, we provide robust tools via cPanel to help you set up these records quickly and correctly.

What is SPF?

SPF (Sender Policy Framework) is a TXT record in your DNS settings that tells recipient servers which mail servers are authorized to send emails on behalf of your domain.

Without SPF, anyone could potentially spoof your domain to send malicious emails. With a valid SPF record, recipient servers can verify whether the sending IP address is allowed to send mail for your domain.

Key Notes:

  • SPF records are not created automatically. You must add them manually through cPanel's Email Deliverability section.
  • Sometimes cPanel may auto-detect the wrong outgoing IP address due to changes in email routing. If you're unsure, reach out to our support team to verify your SPF settings.
  • SPF uses a specific syntax. If you're planning to create or edit it manually, we recommend reviewing SPF documentation first.
  • SPF is added as a TXT record in DNS. If another service requires a TXT record for verification, avoid altering the existing SPF. Instead, create a new TXT entry.

What is DKIM?

DKIM (DomainKeys Identified Mail) is a security protocol that attaches a digital signature to your outbound email headers. This signature is generated using a private key and verified on the receiving server using a public key stored in your domain's DNS.

This ensures that:

  • The message hasn't been tampered with
  • The message actually came from the specified domain

Once DKIM is configured, your server will include encrypted header information with each email. Receiving servers compare it with the public key published in DNS to verify its authenticity.

Important:

  • DomainKeys and DKIM are not the same. DomainKeys is an older standard that has been largely replaced by DKIM.
  • DKIM supports stronger encryption, multiple signature algorithms, and more customization.
  • If you need to use DomainKeys specifically, this would require a VPS or Dedicated Server where advanced configurations can be made.

What is DMARC?

DMARC (Domain-based Message Authentication, Reporting, and Conformance) builds upon SPF and DKIM by adding a policy for how receiving servers should handle emails that fail SPF and DKIM checks.

With DMARC, you can:

  • Specify how receiving servers should treat failed messages (reject, quarantine, or do nothing)
  • Receive reports on who is sending email on your domain's behalf

Major email providers like Google and Microsoft recommend or require DMARC to be set up for better deliverability and trust.

How to Configure SPF, DKIM, and DMARC in cPanel

To manage these records at Vivint Host, follow these steps:

Step 1: Log into cPanel

  • Navigate to the Email section
  • Click on Email Deliverability

Here, you’ll see a list of your domains along with their current email authentication status.

Two Options for Configuration

1. Repair

If cPanel detects issues with any domain's records, you’ll see a Repair button next to it.

Note:

  • This option works only if your domain uses Vivint Host’s shared hosting nameservers.
  • You cannot repair multiple domains at once if they share the same DNS zone.

Click Repair, then review the system's suggestions. You can Copy, Customize, or simply Approve the recommended records. Once confirmed, the changes are made automatically to your domain's DNS.

Allow a few minutes for the changes to propagate. When complete, your Email Deliverability status will update to Valid.

2. Manage

Click Manage next to a domain to view or manually configure its SPF, DKIM, and DMARC records.

If you use Vivint Host's nameservers, you'll see an Install the suggested record option to automatically apply the correct values.

You can also copy the suggested records and manually paste them into your DNS settings if your domain is managed elsewhere.

Customizing the SPF Record

Under the Manage section, you'll find detailed controls for adjusting your SPF record.

Configuration Options:

  1. Domain Settings
    • Specify additional hostnames or mail servers authorized to send email for your domain.
  2. IP Address Settings
    • Add custom IPv4 or IPv6 addresses. Your server's IP is automatically included.
  3. Additional Settings
    • Advanced options for fine-tuning SPF behavior.
  4. Preview
    • See what your updated SPF record will look like. Once you're satisfied, click Install a Customized SPF Record to apply it.

Final Steps

After installing or updating your records:

  • Allow a few minutes for propagation
  • Refresh the page to check the updated Email Deliverability status

All done!

Need help at any point? Our technical support is available 24/7. Just open a Live Chat or submit a ticket, and we’ll assist you with email authentication and DNS setup.

At Vivint Host, we take email deliverability seriously. Proper SPF, DKIM, and DMARC configuration ensures your messages get to the inbox – not the spam folder.

Was this answer helpful?

0 Users Found This Useful (0 Votes)

Related Articles

How to Secure Your Email Account (2FA, Strong Passwords) How to Secure Your Email Account (2FA, Strong Passwords)   These days, just a username and... How to Prevent Emails from Going to Spam How to Prevent Emails from Going to Spam When you hit "send" on an email, your goal is simple:... How to Block Unwanted Emails How to Block Unwanted Emails Spam emails are a major nuisance. Not only do they clutter your...
« Back

  Tag Cloud

24/7 Hosting AI web hosting artificial intelligence Beginner Guide Branding Tips Business Email business website vs social media Cloud Hosting Customer Service Data Protection dedicated server DNS DNS hosting do I need a website if I have Facebook Domain Name System Email Hosting holiday website Hosting Provider Hosting Reliability HTTPS is Facebook enough for business new year checklist SEO update shared hosting small business website benefits small business website pages smart hosting SSD Hosting SSL Certificates VPS hosting Web Hosting Web Hosting Basics Web Hosting Security Web Hosting Support Web Hosting Tips Website Backups website design Website Protection Website Security Website Speed Website Tips Website Uptime why businesses need websites

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Network Status
Open Ticket