Fixing Email Deliverability Issues with DMARC, DKIM & SPF

If you are noticing email deliverability issues (your emails bouncing or going to spam), especially for Yahoo and Google email addresses, it is probably because of the changes to email requirements from the start of Feb 2024.

Previously, anti-spam measures DKIM & DMARC were recommended, but now they are required by Google and Yahoo. So if you haven’t got them set up properly, your emails will not be getting through.

How Does DMARC, DKIM & SPF help with Email Deliverability & Security?

Email spammers can easily send emails out and say they are from whoever they like. So these records are used to state where your emails are allowed to be sent from and verify the emails you send as legitimate.

DMARC (Domain-based Message Authentication, Reporting & Conformance)

How it Helps: DMARC prevents email spoofing and phishing by ensuring that the sender's domain is authenticated. It states a policy for what to if SPF and DKIM checks fail on your domain.

Why it's Important: Without DMARC, malicious actors can send emails that appear to be from your domain, causing trust issues and potential harm.

Example DNS Record: IN TXT "v=DMARC1; p=none; rua=mailto:[email protected]

DKIM (DomainKeys Identified Mail)

How it Helps: DKIM adds a digital signature to your emails, ensuring that the content hasn't been tampered with during transit. It enhances email integrity and authenticity.

Why it's Important: Email recipients can verify that the email they received is indeed from your domain, reducing the risk of phishing attacks.

Example DNS Record: IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3

SPF (Sender Policy Framework)

How it Helps: SPF validates the authenticity of the sending server, preventing spammers from forging your domain in the "From" address.

Why it's Important: SPF ensures that only authorized servers send emails on behalf of your domain, reducing the likelihood of your emails being marked as spam.

Example DNS Record: IN TXT "v=spf1 ~all"

So if you are not sure if your email records are set up correctly, there are plenty of great free tools for checking, such as & and if you need help with getting these in place, feel free to email [email protected] and our team can help you set up these records in your Cloudflare DNS.

Note that you usually need to get the records for DKIM from your email service provider and give this to use to set it up in your DNS for you.