How do I add Email Authentication (DKIM / SPF / Text records)
To combat spam, or unwanted email, most ISPs (Internet Service
Providers) and email providers (e.g. Gmail, Yahoo, Hotmail) employ
sophisticated spam filters that are regularly updated. Whilst this is a
good thing, it can also mean authentic emails can incorrectly get
marked as spam.
Email Authentication is the
effort to equip outgoing messages of the email transport system with
enough verifiable information, so that recipients can recognize the
nature of each incoming message automatically.
DomainKeys Identified Mail (DKIM)
lets an organization take responsibility for a message that is in
transit. The organization is a handler of the message, either as its
originator or as an intermediary. Their reputation is the basis for
evaluating whether to trust the message for further handling, such as
delivery. Technically DKIM provides a method for validating a domain
name identity that is associated with a message through cryptographic
authentication.
Further reading: http://www.dkim.org/
Sender Policy Framework (SPF) is an open standard specifying a technical method to prevent sender address forgery. More precisely, SPF protects the envelope sender address, which is used for the delivery of messages.
Further reading: http://www.openspf.org/
Whilst
no system is foolproof, agreed standards do exist and in most
circumstances, there is no need to change the default settings on the
Purple Dog server. You are advised to contact us first unless you are
certain of what you are doing.
Records
can be modified by logging in to you hosting account cpanel (e.g.
www.example.com/cpanel) and navigating to email > email
authentication.
=================================
Set up DKIM
DKIM helps verify the sender and integrity of a message. It allows an
email system to prove that a message was not altered during transit
(meaning it is not forged), and that the message came from the specified
domain.
- To use DKIM, click Enable.
- To disable DKIM, click Disable.
Note: If a warning is displayed claiming cPanel is
unable to verify that the server is an authoritative nameserver for the
specified domain name and either of the following scenarios is true,
then please ignore it.
- The server has been changed to be the authoritative DNS server for the domain name, but the change has not yet propagated.
- The server does not view itself as the authoritative DNS server, but outside servers do view it as authoritative.
Set up SPF
This function attempts to prevent spammers from sending email while
forging your domain’s name as the sender (spoofing). This authentication
function works by adding IP addresses to a list, specifying computers
that are authorized to send mail from your domain(s). It verifies that
messages sent from your domain(s) are coming from the listed server,
reducing the amount of backscatter you receive.
- To use SPF, click Enable.
- To disable SPF, click Disable.
Note: If a warning is displayed claiming cPanel is
unable to verify that the server is an authoritative nameserver for the
specified domain name and either of the following scenarios is true,
then please ignore it.
- The server has been changed to be the authoritative DNS server for the domain name, but the change has not yet propagated.
- The server does not view itself as the authoritative DNS server, but outside servers do view it as authoritative.
Advanced Settings
This section includes a number of ways to configure SPF authentication. The available options are:
- Additional Hosts that send mail for your domains (A): The
additional hosts specified here are automatically approved to send mail
from your domain(s). You may add and remove hosts using the appropriate
buttons.
- Additional MX servers for your domains (MX): MX entries specified here are able to send mail from your domain(s).
- Additional Ip blocks for your domains (IP4): IP addresses
approved to send mail from your domain(s). Your server's main IP address
is automatically included in this list. If you add IP addresses, you
must use CIDR notation. (Example:
192.168.0.1/32)
- Include List (INCLUDE): This feature allows you to specify additional hosts to include in your SPF settings. This is useful when sending mail with another service.
- All Entry (ALL): If you select this option, the system will exclude domains not included in the lists defined above.
- Overwrite Existing Entries: If you select this option, the system will overwrite existing SPF entries.
cpanel unable to verify authoritative nameserver
Hello 
That message typically indicates the use of external name servers for
the domain name associated with the account. Can you modify it's name
servers at the registrar so it uses the cPanel server for hosting the
DNS?
