• View
• Edit
• History
• Print

SPF and DKIM settings of domain for sending email

Verification of Email-address

When sending the letters from system, user can have several email addresses. Domains of these addresses must be verified. For this purpose you should go to Administration > Settings > Mail and select the E-mail line.

You should add your Email-address and click «Save». E-mail address can be only one. The system will check domain and return the warning if the domain is not verified. Verification of domain is executed by setting of DKIM and SPF entries for your domain.

Setting of DKIM, SPF and DMARC entries for your domain

With the help of DKIM-signature, recipient of letter can be convinced that it has really been received from alleged sender. SPF-entry allows to decrease the risk of letters sent from your domain getting to spam.

As the example you can see the setting of SPF and DKIM in the https://pdd.yandex.ru administration panel

1. Open the page of DNS editing in administration panel of company, which the domain is delegated to.

2. Configure DKIM-signature by creating TXT-entry with the following field values:

• Entry name (host, subdomain): retailcrm._domainkey
• Entry type: TXT
• Value:

v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDBb87bdgzUiRs4fPm+8oNigaqFAbZ6p+mdqf0yJvljIOMonZ/SPz6Kh9bujhd7s6bA056EXXp/OghYZNE1NLC7Q4Ut+gjNfzvJyYA6DZ1rjkGFf9iFTOJb+Vvp/NP2ThRarMkUrp+PfS6xDMrDn2qdPGazMSmq1vmW/P7SGh22OQIDAQAB;

3. Setting of SPF-signature.

If there is no SPF-signature with name @, then create new TXT-entry with the following field values:

• Entry name (host, subdomain): @ (or empty string)
• Entry type: TXT
• Value:v=spf1 include:spf.retailcrm.pro ?all

In case if that entry already exists, add the line include:spf.retailcrm.pro to value before expression ?all or ~all or similar

In addition to DKIM and SPF signatures you can configure DMARC (not necessarily).

DMARC (Domain-based Message Authentication, Reporting and Conformance) is the technical specification created for fight against the spammers forging addresses of senders. Thanks to DMARC configuration, domain owners can create rules what to do with letters, which were sent from their domains and have not passed the authorization.

Create new TXT-entry with the following field values:

• Entry name (host, subdomain): _dmarc.yourdomain.ru.
• Entry type: TXT
• Value:v=DMARC1; p=none; rua=mailto:admin@yourdomain.ru

Replace lines yourdomain.ru and admin@yourdomain.ru with your domain name and email address, where the reports of letters, which have not passed authorization, will be sent to.

Be aware that DNS settings changes will not come into force immediately, it can take up to 4 hours for updating information on domain.