Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Emails Rejected or Filtered

            Created by Dan Campbell, Modified on Tue, Jul 29, 2025 at 8:51 AM by Dan Campbell

            Overview

            To improve email deliverability and comply with updated spam filtering policies from major providers like Gmail and Microsoft 365, all domain owners must ensure their DNS records are properly configured with SPFDKIM, and DMARC. These records help verify that your emails are legitimate and not spoofed, reducing the risk of your messages being marked as spam or rejected entirely.

            This guide walks you through what each record does and how to configure them.

            This internet facing tool helps validate the configuration of these types of records.

            1. SPF (Sender Policy Framework)

            What it does:
            SPF specifies which mail servers are authorized to send email on behalf of your domain.

            How to configure:

            1. Log in to your domain registrar or DNS hosting provider.
            2. Add or update your TXT record with your SPF policy.
              Example:
              v=spf1 include:spf.protection.outlook.com include:_spf.google.com -all
              • Replace the included domains with those of your email service providers.
              • Use -all to strictly deny unauthorized senders.

            ✅ Tip: Only one SPF record is allowed per domain. Combine all services into a single record.

            2. DKIM (DomainKeys Identified Mail)

            What it does:
            DKIM adds a digital signature to your emails, allowing recipients to verify that the message was not altered in transit.

            How to configure:

            1. Enable DKIM in your email provider’s admin console (e.g., Microsoft 365 or Google Workspace).
            2. Publish the provided CNAME or TXT records in your DNS.
            3. Wait for DNS propagation and verify the setup in your provider’s dashboard.

            ✅ Tip: Each provider may use a different selector (e.g., selector1._domainkey.yourdomain.com).

            3. DMARC (Domain-based Message Authentication, Reporting & Conformance)

            What it does:
            DMARC builds on SPF and DKIM to tell receiving servers how to handle unauthenticated emails (e.g., quarantine or reject them). It also provides reporting.

            How to configure:

            1. Add a TXTrecord to your DNS:
              Name: _dmarc.yourdomain.com  Value: v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@yourdomain.com; pct=100
              • p=none (monitor only), p=quarantine, or p=reject
              • rua is the email address where reports will be sent.

            ✅ Tip: Start with p=none to monitor, then move to quarantine or reject once you're confident in your SPF/DKIM setup.

            Why This Matters

            Email providers are tightening their spam filters. Without proper SPF, DKIM, and DMARC records:

            • Your emails may be marked as spam or rejected.
            • Your domain reputation could suffer.
            • You may not be notified when delivery fails.

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0