Having an email with your own domain name adds a level of professionalism. However, if the emails you send can never reach the intended recipient then its only 50% valuable. To stop the onslaught of spammers, email providers have now required more and more security protocols to be set up in order for the emails to be received. If the domain name is not set up properly, then many times the email will automatically be placed in the recipients spam or not even received at all. In this article we will go over what to know when setting up your email for your business.

Ask yourself who sends out email.

A business might have multiple servers/services sending out email with their domain and each one needs to be set up with DNS record security protocols.  E-mail sending protocols are basically you saying what computers/services are allowed to send out e-mails on behalf of your domain. So each service will need to have a special code created that is then placed in a record where you registered your domain or with the company handling the DNS. Then when the computer/service sends the email to a recipient, the receiving email company will check to see if that computer/service is allowed to send emails for this domain, if its not, it will block or send the email to spam. A few years ago email companies were kinda loose about these rules because its a pain in the butt to set up, but because spam has become such a problem, many companies have had tighten security to avoid being overrun.

Some examples of services you might use:  email service like G-Suite or Zoho mail, a mailing list company like MailChimp or SendGrid, a computer web host provider like StoreGear or one of our competitors like Shopify. Each service sending out emails with your domain will need to be set up with their security keys in the place where the DNS is being handled.

There are 2 main security protocols to set up and they are both different in the way they work.

Overview of the security standard records: SPF and DKIM

SPF record is a single record (it should be set up as a single line) that contains all the the computer addresses and server domains sending out emails on your domains behalf. For some email companies this is good enough, for some its not. Here’s an example of a SPF record:

v=spf1 include:zoho.com include:servers.mcsv.net ip4:343.949.49.44 ~all

A DKIM record takes a bit more work to set up when compared to a SPF record. With a DKIM record, a special long unique code needs to be generated by the email service sending out the email in the services settings,  then this special “code” needs to be added to the DNS records. It will look something like this:

v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3HWDCYFSJWUGQNEJDiQKBgQC3DZl++WhmTK+Q08MIkdVU9Vi1jXP8W9I8gMhdWLXWnvAxhJxWX7TtO+nvz6Ri7sGQLtKPKxGGG+akG4Di/1OY7DyEHdUwa2p9N2SwWllZDkkomkM80GB8L6+xEbGnVr52ppTewN3en26FTQEx4HkFF+ThgtDWRfM9FvJHkXucgQIDAQAB

A separate code will need to be created and a separate dns record will need to be added for each email service.

Taking things further: DMARC record

When your domain has been used for sending out fake emails, you might get black listed. To get back in good graces takes some work, first you must set up your SPF and DKIM records. Once both these records are set up you can then add a DMARC record. A DMARC record looks at both your SPF and DKIM records, and then also sets up a way to start tracking who’s sending out fake emails on your behalf (or ones you forgot to set up records for),  In the DMARC record you set up an email “abuse” email to send the data of all the bad emails. You can customize how many emails are in the report as well as other settings. When other email addresses see you trying to tighten up your email security, they then start to let you back into their good graces.

Visual of how DMARC works:

Those are the broad strokes of business email to help you understand the vocabulary involved.If you are relying on you “fake it till you make it” webmaster or “marketing” person for your business and they have never set an SPF record up before….you might want to rethink that decision 🙂 There is an art form to setting up the records, so you want to work with somebody that knows what they are doing and has experience setting these records up properly.