How Do I Add MX, SPF, DKIM, and DMARC Records for My Domain?

In this article, we will cover how to Add MX, SPF, DKIM, and DMARC Records for your Domain.

To properly authenticate your email, have high email deliverability, and avoid issues like email spoofing it is recommended to configure SPF, DKIM, and DMARC records for your domain.

If your domain is pointed to Shricloud nameservers then please follow the steps below to configure the same for your domain.

1) Log in to Shricloud Control Panel

2) Choose your Domain name (Example – scncf.info)

3) Navigate to MX Records under Email Manager

4) Adding MX Records

If you are using email accounts that come with Shricloud Hosting then Leave the default MX as it is and Ensure this option is checked “Use this server to handle my e-mails”. In this case, no additional changes are required.

And if you are using third-party providers like Google WorkSpace, Zoho Mail, or Microsoft 365 for your Email accounts then Uncheck the option “Use this server to handle my e-mails” and Select the respective MX Template (Example – Google Suite MX) and Click on Save button

And if you are not using any of the above providers or Shricloud email then delete existing MX records and Add Custom MX Records using Add Record button

5) Adding SPF Record

Go back to Shricloud Control Panel Dashboard > Click DNS Management

Click on the Add Record button. Select TXT under Record Type. Enter the SPF Record Value of your Email provider and Hit Add button

Note: If you are using Shricloud Email then make sure to specify the below tag in your SPF Record for proper email delivery.

Add “include:mail_spf.shricloud.com” in the SPF record

6) Adding DKIM Record

To easily add DKIM Record for your domain Go to the E-mail Accounts section and simply click on Enable DKIM button

This will add the DKIM record for your domain.

If you need any help with Adding Mail DNS records for your Website, please feel free to contact our customer support team.

For your convenience we have provided more information about MX, SPF, DKIM, and DMARC records:

MX, SPF, DKIM, and DMARC are all DNS (Domain Name System) records used to improve email deliverability and security. Here’s a brief overview of each:

1. MX Records (Mail Exchange Records):
   • MX records specify the mail server responsible for receiving and handling email messages on behalf of a domain.
   • When someone sends an email to an address associated with your domain (e.g., user@example.com), the sender’s mail server queries the DNS for your domain’s MX records to determine where to deliver the message.
   • MX records typically point to the domain’s mail server or to a third-party email service provider’s servers.
2. SPF Records (Sender Policy Framework):
   • SPF records specify which mail servers are authorized to send emails on behalf of a domain.
   • SPF works by publishing a list of authorized sending mail servers in the domain’s DNS records.
   • When an email is received, the recipient’s mail server checks the SPF record of the sender’s domain to verify if the sending server is authorized to send emails for that domain.
   • If the sending server is not listed in the SPF record or is listed as unauthorized, the recipient’s server may reject the email or mark it as suspicious.
3. DKIM (DomainKeys Identified Mail):
   • DKIM is a method for associating a domain name with an email message, allowing a recipient to verify that the message was indeed sent by the domain’s owner.
   • DKIM works by adding a digital signature to the email header using cryptographic techniques.
   • The domain owner publishes a public key in their DNS records, and the sending mail server uses the corresponding private key to generate the signature.
   • When the recipient’s mail server receives the email, it retrieves the public key from the sender’s DNS records and uses it to verify the signature. If the signature is valid, it confirms that the email has not been altered in transit and was indeed sent by the claimed domain.
4. DMARC (Domain-based Message Authentication, Reporting, and Conformance):
   • DMARC is an email authentication protocol that builds on SPF and DKIM to provide domain owners with greater control over their email authentication policies.
   • DMARC allows domain owners to specify how they want emails that fail SPF or DKIM checks to be handled (e.g., reject, quarantine, or deliver with modifications).
   • DMARC also enables domain owners to receive reports about email authentication failures, providing visibility into email activity and potential abuse of their domain.
   • By implementing DMARC, domain owners can enhance email security, protect their brand reputation, and improve deliverability by reducing the likelihood of their emails being classified as spam or phishing.