Skip to main content
What are SPF and DKIM?

Learn how the SPF and DKIM email protocols can help your email security and deliverability.

Updated this week

The article looks complicated, can you just give me a quick summary of what these terms mean?

SPF = Proof it was actually you who sent the email
DKIM = The email that was sent by you wasn't altered by someone else along the way

How do I know if these are set up correctly?

Run the SourceWhale deliverability tester found here to see, amongst other things, if you have SPF and DKIM set up correctly for your domain and email provider.

SPF - 'Sender Policy Framework'

SPF records are essential for email security. They specify which IP addresses are authorized to send emails from your domain, helping to prevent email spoofing. When an email is received, its sending server's IP address is checked against the SPF record. If the IP isn't listed in the SPF record, the email might be considered spoofed and rejected as spam. Different services you utilise to send emails will have their own mail servers and hence different IP addresses.

For example, Gmail or Office365 will have a set of IP addresses which they send email from on your behalf vs your marketing platform (MailChimp etc.) or CRM.

How do I setup SPF Records:

  • For Gmail users, review the recommended SPF settings here.

  • For Office 365 users, check the appropriate settings here.

Note: Using an incorrect SPF record can be more problematic than having none, particularly if you've recently switched email providers.

Correcting an Incorrect or Missing SPF Record: If you find that your SPF record is incorrect or missing, update it in your domain’s DNS settings. This task is typically handled through your domain registrar. They can assist you in adding or modifying the TXT record with the correct SPF information. Remember, changes in DNS records may take a few hours to propagate across the internet. Your DNS provider can offer more details about this process.

Do I need to do anything differently for SourceWhale?

No, as long as your normal day to day emailing provider (Gmail, Office365, Exchange etc.) has a valid SPF record on your domain then SourceWhale will be setup correctly.

DKIM - 'Domain Key Identified Mail'

DKIM uses public key cryptography to secure your emails. Your email server encrypts the message using a 'private key' (nobody else knows this). The recipient's server uses the corresponding 'public key' (this is available for all to see) to decrypt the message once they receive it.

This process verifies that the email is legitimately sent from your domain and remains unaltered during transit. Implementing DKIM can enhance your email's credibility and improve its standing in anti-spam evaluations conducted by email providers.

How do I setup DKIM?

  • For Gmail users, follow the guide here.

  • For Office 365 users, check the appropriate settings here.

Do I need to do anything differently for SourceWhale?

No, as long as your normal day-to-day emailing provider (Gmail, Office365, Exchange etc.) has DKIM correctly setup then SourceWhale will be setup correctly.


Stuck or need some help? Click on the chat icon at the bottom right-hand corner to connect with our support team! 💬

Did this answer your question?