Skip to content

TL;DR - When stuff is just too damn long/complicated

SPF, DMARC, DKIM

SPF (Sender Policy Framework):

  • Purpose: SPF helps prevent email impersonation by specifying which servers are allowed to send emails on their behalf.

  • Report: If an email fails SPF, it means the sender's claim about the email's origin is questionable.

Record Example

Type: TXT

Domain:

Coming Soon
Value:

Coming Soon
Notes: None at this time

DKIM (DomainKeys Identified Mail):

  • Purpose: DKIM ensures the email you receive is unaltered and truly comes from the claimed sender by adding a digital signature.

  • Report: A DKIM failure report suggests that the email's digital signature doesn't match the one associated with the sender's domain.

Record Example

Type: TXT

Domain:

Coming Soon
Value:

Coming Soon
Notes: Must be custom generated per application and properly "assigned" almost akin to a public-private keypair.

DMARC (Domain-based Message Authentication, Reporting, and Conformance):

  • Purpose: DMARC builds on SPF and DKIM to provide stronger email authentication and reporting. It helps prevent email impersonation.

  • Report: If you get a DMARC report, it means the sending domain is using DMARC and you're receiving feedback about the email authentication results to monitor authenticity and security.

Record Example

Type: TXT

Domain:

_dmarc.domain.com
Value:

v=DMARC1; p=none;
Notes:

For some reason, a lot of DMARC records are showing as fail, not sure why though... Will update this when I figure out what I am doing wrong.