Advanced Email Deliverability (SPF, DKIM, DMARC)
1. Overview: Why Email Deliverability Matters
To ensure emails sent from your domain (e.g., invoices, newsletters, notifications) arrive in inboxes, you must configure domain authentication records. These protect your brand from being flagged as spam or spoofed.
✅ CloudWebs supports full DNS-based email authentication using:
-
SPF (Sender Policy Framework)
-
DKIM (DomainKeys Identified Mail)
-
DMARC (Domain-based Message Authentication, Reporting & Conformance)
2. What Each Record Does
| Protocol | Purpose | Required? |
|---|---|---|
| SPF | Lists approved servers allowed to send mail for your domain | ✅ Yes |
| DKIM | Adds a digital signature to outgoing messages | ✅ Yes |
| DMARC | Sets a policy for how receiving servers handle failed SPF/DKIM | Optional but strongly recommended |
3. Setting Up SPF Records
🛠️ Steps:
-
Log into your CloudWebs Dashboard
-
Go to Domains > Manage > DNS Zone Manager
-
Add a new TXT record:
| Field | Value Example |
|---|---|
| Name (Host) | @ or your domain name |
| Type | TXT |
| Value | v=spf1 include:mail.cloudwebs.com.au ~all |
| TTL | 3600 |
💡 Use
~all(soft fail) or-all(hard fail) depending on your policy.
4. Setting Up DKIM
DKIM is typically enabled by default on CloudWebs email hosting and cPanel.
🔐 To check or manually add DKIM:
-
Go to cPanel > Email > Email Deliverability
-
Click Manage next to your domain
-
If DKIM is not present, click Install Suggested Record
Example DKIM Record (TXT):
| Name / Host | default._domainkey.yourdomain.com |
| Type | TXT |
| Value (Example Key Snippet) | v=DKIM1; k=rsa; p=MIGfMA0GC... |
🧠 Each domain will have a unique public key.
5. Setting Up DMARC
DMARC tells email providers what to do when SPF or DKIM checks fail — and allows you to receive reports about who’s sending mail on your domain’s behalf.
📩 Add DMARC Record:
| Field | Example Value |
|---|---|
| Name (Host) | _dmarc |
| Type | TXT |
| Value | v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@yourdomain.com; fo=1 |
| TTL | 3600 |
🛡️ Policy Options:
-
p=none— Monitor only -
p=quarantine— Mark suspicious mail as spam -
p=reject— Block unverified messages completely
6. Tools to Test & Validate Records
| Tool | Purpose | Link |
|---|---|---|
| MXToolbox | DNS, SPF, DKIM, DMARC record lookup | https://mxtoolbox.com |
| Mail-Tester | Send test email and get spam score | https://www.mail-tester.com |
| Google Postmaster Tools | Track domain reputation and deliverability | https://postmaster.google.com |
📊 These tools help identify DNS, formatting, or delivery issues.
7. Common Issues & Fixes
| Symptom | Likely Cause | Fix |
|---|---|---|
| Emails go to spam | Missing or incorrect SPF/DKIM | Add proper records to DNS |
| Gmail shows “via yourdomain.com” | No DKIM or DMARC | Enable DKIM and publish DMARC policy |
| DMARC policy not enforced | p=none set |
Change to quarantine or reject if ready |
| SPF fail in reports | Wrong sending server or missing include | Update include: in SPF record |
✅ Summary Checklist
-
✔️ Add an SPF TXT record listing approved sending hosts
-
✔️ Enable DKIM from cPanel > Email Deliverability
-
✔️ Publish a DMARC policy for better protection and reporting
-
✔️ Use tools to verify and monitor your DNS records
-
✔️ Contact CloudWebs Support if any record fails to propagate
🆘 Need Help?
Use Tayla.AI for guided DNS and email deliverability help, or contact:
📨 support@cloudwebs.com.au with your domain and error details
