DKIM/SPF and DMARC

Problems with sending to Gmail: Setup SPF and DKIM

Since May 2022, Google has tightened SPF control over emails sent to Gmail and returned the emails with an error message that the verification of at least one of the two parameters SPF or DKIM was not successful.

Here is an example of an error after sending to Gmail:

—–OriginalMessage
From: mailer-daemon-register.it ?mailer-daemon?register.it?
Posted on: March 2022
A: xxxx xxxxxx
Subject: Delivery status notification
This is an automatically generated delivery status notification.
Delivery to the following address has failed:
* xxxxx.gmail.com
Reason: This has failed at host paganini04.register.it Delivery to the following recipient: xxxxx.gmail.com
The error returned by the remote server is:550-5.7.26 This message has no authentication information or fails on message internal id: Pk60n405wabJPk61n0HSA The original message is attached below.

informazioni as it

The procedure to solve the problem is quite simple and consists of creating an SPF record or a DKIM record. These two records, configured on your domain’s DNS, will give you the ability to authenticate your messages.

What is the SPF?

SPF (Sender Policy Framework) is a type of DNS TXT record that lists all servers that are authorized to send emails from a particular domain.

How do I configure the SPF?

In your customer area, click on the desired domain (find out how to access your personal customer area here)

SWIZZHosting Aktivierung DE 01

Now click on EMAIL

Mozilla Firefox 7

Click on ACTIONS at the top right and select SPF

E Mail Adressen verwalten 2
important as it

Check the message that the system shows you:

SPF record set correctly: You do not need to perform any other operation, the SPF is already configured correctly

E Mail Adressen verwalten 3

Absent SPF: The SPF is not available. To configure the SPF tab, click on Create

Troubleshoot Gmail Setup SPF und DKIM Register com

SPF out of register standard: The SPF is already set, but does not correspond to the standard register. If you use other providers for sending, remember that the record must contain all the correct values.

Troubleshoot Gmail Setup SPF und DKIM Register com 1

Domain on external DNS: You must update your DNS record manually. If you use register platforms for sending, remember to enter the default value.

Troubleshoot Gmail Setup SPF und DKIM Register com 2
informazioni as it

Configuring the DKIM can be an alternative to creating the SPF for all cases where you want to send with your domain from an external SMTP to registries, e.g. an SMTP from another provider, an external bulk mail system, etc.

What is DKIM?

DKIM (Domain Keys Identified Mail) is a record created on DNS that enables the authentication of an email through a digital signature associated with that domain.

How do I configure the DKIM?

In your customer area, click on the desired domain (find out how to access your personal customer area here)

SWIZZHosting Aktivierung DE 01

Now click on EMAIL

Mozilla Firefox 7

Click on ACTIONS at the top right and select DKIM

E Mail Adressen verwalten

Activate DKIM and close the popup

E Mail Adressen verwalten 1
warning as it 150x150 1

The inclusion of the SPF provided by Register is valid and guaranteed in case of sending from our platforms.

If you use a different sender, we ask you to provide the specific SPF.

What is DMARC?

DMARC stands for «Domain-based Message Authentication, Reporting and Conformance». It was developed to reduce e-mail misuse. This technology is based on the specifications for DKIM (Domain Keys Identified Mail) and SPF (Sender Policy Framework).

Using the DMARC policy, you can specify that your emails are protected using the SPF (Sender Policy Framework) and DKIM (Domain Keys Identified Mail) procedures. You can also use this policy to define how the recipient should handle email messages depending on the results of the DKIM and SPF check and inform you as the domain owner of any misuse.

DMARC policies are added in the form of a TXT record. This entry is called a DMARC record. It is created with the subdomain name _dmarc (e.g. _dmarc.example.com). The content of the TXT record consists of tags that are separated by semicolons.

Configuring a DMARC record

In your customer area, click on the desired domain (find out how to access your personal customer area here)

SWIZZHosting Aktivierung DE 01

Now click on EMAIL

Mozilla Firefox 7

Click on ACTIONS in the top right-hand corner and select DMARC

E Mail Adressen verwalten 4

Now you can enter the desired parameters and click on CREATE

E Mail Adressen verwalten 7

Structure of a DMARC record

Example: v=DMARC1;p=reject;pct=100;rua=mailto:beispiel@email.com

Name of the tagExample: v=DMARC1
vv=DMARC1
pp=none/quarantine/reject

none: Recipient is asked not to perform any action.
quarantine: The messages are marked as spam.
reject: Emails are rejected
pctPercentage of emails to be filtered. This value specifies the percentage to be filtered using the DMARC policy. The specified value must be a number between 1 and 100. The default value is 100.pct=100
callEmail address to which the error reports are sent.ruf=mailto:beispiel@email.com
ruaEmail address to which status reports are sent.rua=mailto:beispiel@email.com
spPolicy for subdomains.sp=none/quarantine/reject

none: Recipient is asked not to perform any action.
quarantine: The messages are marked as spam.
reject: Emails are rejected
adkimDetermines how exactly the emails must match the DKIM signatures.adkim=r/s

r: Relaxed. Every valid subdomain is accepted in the DKIM email headers.
s: Strict. The header of the emails must match the value d=name in the DKIM email headers exactly.
aspfDetermines how exactly messages must match the SPF signatures.aspf=r/s

r: Relaxed. Every valid subdomain is accepted in the DKIM email headers.
s: Strict. The email header must exactly match the domain name in the «SMTP Mail FROM» command.
If you have any further questions, you can reach us by telephone between 8:00 - 12:00 and 13:00 - 17:00 at +41 (0) 848 69 69 69