Authenticating emails with DKIM & SPF helps to maximize email reputation and deliverability. DKIM (DomainKeys Identified Mail, pronounced dee'-kim) is an important email authentication mechanism for protecting senders and receivers from forged email. SPF (Sender Policy Framework) is a type of DNS record used to identify which mail servers are permitted to send email on behalf of a domain.
SharpSpring provides an in-application configuration tool which creates the correct DNS records, so your mail can authenticate with DKIM & SPF using the same domain you send from.
Setting up DKIM is simple and only takes 5-10 minutes if you have access to your DNS settings (outside of SharpSpring). We have several different help resources available for you to get started. Below is a list of clickable help articles related to DKIM including how-to instructions and videos on setting up DKIM for various popular providers:
Setting up DKIM and SPF in SharpSpring
Step One: Navigate to Settings > Email Settings, and make sure you have verified a domain. The domain must be verified before configuring DKIM.
Step Two: Within the DKIM & Sending Domains tab, find the domain on which you would like to setup DKIM & SPF. Only one domain per SharpSpring instance can be authenticated with DKIM & SPF, choose the domain from which you will be sending the largest percentage of your email.
Step Three: After choosing the domain, click Setup DKIM. The configuration tool will generate five CNAME records pointing at your unique DKIM keys. These CNAME records will need to be added to your domain’s DNS settings, which is often handled by your Domain Name Registrar (GoDaddy, HostGator, Namecheap,etc.). It may also be managed by a dedicated DNS service provider such as DNSimple or EasyDNS.
Note: If CNAME records are unfamiliar to you, it’s always recommended to take the CNAME records from SharpSpring and contact your Domain Registrar’s support team to ensure correct setup.
Here is a breakdown of each of the keys:
- em is an SPF record. An SPF record is a type of DNS record that identifies which mail servers are allowed to send email from your domain.
- s1._domainkey and s2._domainkey are used for the DKIM authentication. These keys authenticate the message in transit as it’s being handed off to the recipient server.
- link and owner are used for white-labeling email links. Once you add these last CNAME records, links in your emall will appear go through yourdomain.com.
Step Four: After the CNAME Records have been added to your DNS, we can verify DKIM & SPF in SharpSpring. Head back into Settings > Email Settings > DKIM & Sending Domains. Under the DKIM status column you will see green checkbox, confirming the setup. If you are still seeing “Waiting on CNAME Records”, note that it could take as long as 24 hours for the DNS settings to update.
Frequently Asked Questions
Q. How do I implement the CNAME records on my own?
A. If you would like to attempt to implement the CNAME records, reach out to your Domain Registrar or DNS service provider for instructions, as the setup varies based on the registrar / service provider. Here are the links to the help documentation for a few popular registrars and service providers: GoDaddy, HostGator, Namecheap, DNSimple.
Q. How can I check to see if I set the CNAME records up correctly?
A. I’d recommend using a tool called MxToolBox, insert the full key name from SharpSpring (example: em.yourdomain.com, s1._domainkey.yourdomain.com, etc.), change the search to CNAME Lookup and search. If successful, you should see the Data from SharpSpring (example: em.v*****.c********.e.marketingautomation.services) under the Canonical Name column in MxToolbox.
Q. How does this impact what my email looks like in the inbox?
A. The email will show the sending domain as the domain you have configured with DKIM (signed-by), and a return path (mailed-by) including that same domain.