Bullet proof DNS for sending emails

Always setup a robust set of DNS records for your emails. Here is the setup I have been using for my self!

Usually it’s easy if the website host is also hosting emails, this information is more useful for situations where the website and email hosting are separate (as they should be).

You can further strengthen your DNS after you have setup the necessary nameservers, A Records, CNAME records and MX Records. Consider adding the following 3 DNS records related sending emails.

  • SPF Record
  • DKIM Record
  • DMARC Record

Information below covers how to add these records.

Firstly, check your records

This is a great tool for checking your email related DNS records in relation to a Gmail setup. Simply visit the Google Apps Check MX Records tool and put in your domain.

Pay attention to the feedback that is given!

Look at the information below in this article to try and address any issues raise by the MX Record Checker.

SPF records

This information is primarily source from Liquid Web.

If your server is running both your web site and your e-mail your SPF record can be as simple as:


yourdomain.com.au. IN TXT "v=spf1 a mx ~all"

If you have separated website and email hosting your spf record might look something like the following:

yourdomain.com.au. IN TXT "v=spf1 a mx ip4: include:_spf.google.com include:spf.mandrillapp.com ~all"

DKIM Records

You can export DKIM Records from CPanel and also Gmail if that is being used.

Follow this guide the create DKIM key for Gmail.

How to generate a DKIM key from CPanel still needs to be added.

DMARC Records

Use this fantastic DMARC wizard: https://www.unlocktheinbox.com/dmarcwizard/

The basic record I created is:

_dmarc.yourdomain.com.au. IN TXT "v=DMARC1; p=none; sp=none; rf=afrf; pct=100; ri=86400"



Tags: , , , , ,

No comments yet.

Leave a Reply