SPF and DKIM settings - Simply Support

Simply CRM supports popular email authentication standards, DKIM & SPF, to improve deliverability. It is important for you to understand the following to increase the success rate of your email campaigns.

Why should I authenticate my domain ?

Email Service providers / ISPs (ex: Gmail, Yahoo) continuously work to rid their networks of spam. This is increasingly difficult as spammers employ new techniques to avoid blacklisting and content filters.

One tactic that spammers often use is email forging (making a message appear to come from one domain/source, while actually sending it from another). Email Service providers combat email forging with various forms of Email Authentication.

How many authentication standards are there ?

Not all ISPs use the same technology to authenticate incoming messages, and so in order to get the best email deliverability possible you need to use each of the major authentication standards.

Simply CRM supports two major authentication standards:

Sender Policy Framework (SPF)

DomainKey Identified Mail (DKIM)

What is SPF ?

SPF allows the owner of a domain to provide a list of servers (ip addresses) that are “legitimate” and that they take responsibility for. That way, if an email message purports to be from that domain, but isn’t listed in that domain’s legitimate mail sources, the ISP can refuse the message.

Many providers such as Google, Outlook, Yahoo, AOL, Verizon, Earthlink, Outblaze, Road Runner, Bellsouth, Charter, Shaw, Adelphia, and Juno also use SPF.

More about SPF : http://www.openspf.org/Related_Solutions

What is DKIM ?

DKIM works slightly differently than SPF. It uses a “private key” to create a signature for both the contents of the message, as well as some key headers of the message. This signature is attached to the message.

When the message is delivered to the destination ISP, the ISP obtains the public key from the sender domain to verify that the signature is correct. If the public key allows the destination server to decrypt the supplied signature to the same value it computes as the signature, it can assume the sender is indeed who they claim to be.

To authenticate your emails with DKIM, you should download the keys from Email Campaign section in Simply, and then add the keys to your domain record.

More about DKIM: http://www.dkim.org

How important is it to add SPF and DKIM authentication ?

If you own your domain or have access to the domain’s DNS settings, we recommend adding the DNS records. When you add the SPF record to your domain, it allows receiving email servers like Hotmail, Gmail, Yahoo, and others, to verify that Simply/Amazon mail servers are authorized to send emails on behalf of your domain.

Simply uses Amazon SES service to deliver all outgoing emails from email campaigns module. You need to add Amazon’s server information to explicitly give Simply servers permission to send on your behalf.

The DKIM record allows Simply to digitally ‘sign’ your emails for your domain. When the recipient server receives the email, it will contact your domain record to get the key used to sign the email and validate.

Email verification for each instance of Simply

Why should you verify your Email before sending a campaign ?

You need to verify email because verifying confirms that this email address exists. Without verification of your email you cannot send a campaign nor even proceed further to create a campaign.

What do you mean by verified email bounded to each instance ?

When you verify your email ID that you are going to use for Email Campaign, that email will be bounded to that verified instance.

Example : Assume there is an instance named as ABC.od1.simplyhq.com. You have a verified email as youremailid@abc.com. After verification this mail id will be bounded to ABC.od1.simplyhq.com.

Suppose there is another instance like XYZ.od1.simplyhq.com which is trying to use your email id. Then it will show a message saying “Illegal access to verified email detected”.

Domain verification for each instance of Simply

Domain level verification helps in increasing deliverability of Email Campaigns. While sending Email campaigns, there are chances that only some mails may land in the inbox folder and remaining might go to your spam/junk folder.

To avoid this we strongly recommend to verify your domain.

How to verify your Domain ?

Enter your email id in the From Email field in Step1 – sudheer.m@simplyhq.com. If the domain simplyhq.com is not verified then it will show the below screen.

Click on Download DKIM & SPF Keys button and you will get the below popup screen.

Copy the records in the popup and then login to your host provider account (godaddy,hostgator, etc). Enter the CNAME and SPF records in the DNS zone and save it. After saving, it usually takes upto 72 hours for the verification of your domain. Once its verified, you would be able to see a message as shown below. To check the status of the verification you can enter your email address in the “From Email” field.

For reference you can download them as a csv file by clicking on the “Download as CSV” button.

What happens if I try to access someone’s verified email address ?

When you try to access an already verified email / domain, it will show you the “illegal access detected” message and not let you to proceed.

Contents