{"id":11490,"date":"2025-05-06T14:02:31","date_gmt":"2025-05-06T08:17:31","guid":{"rendered":"https:\/\/nestnepal.com\/blog\/?p=11490"},"modified":"2025-10-12T14:59:56","modified_gmt":"2025-10-12T09:14:56","slug":"set-up-spf-record-dkim-record-dmarc-policy","status":"publish","type":"post","link":"https:\/\/nestnepal.com\/blog\/set-up-spf-record-dkim-record-dmarc-policy\/","title":{"rendered":"How to Set Up SPF, DKIM, and DMARC Records – The Easiest Way to Authenticate Users"},"content":{"rendered":"

Introduction<\/span><\/h2>\n

If you’re running a website or business and using a domain-based email<\/a> (like <\/span>info@yourcompany.com<\/span><\/i>), then setting up an SPF record, a DMARC policy, and a DKIM record isn\u2019t just a good idea – it’s essential. Without them, your emails could get flagged, blocked, or impersonated.<\/span><\/p>\n

\"spf-record<\/span>This guide walks you through how to properly set up SPF, DKIM, and DMARC using cPanel or any DNS manager, even if you’re not a tech expert.<\/span><\/p>\n

What Are SPF, DKIM, and DMARC Records<\/a>?<\/b><\/h2>\n

\u2705 SPF (Sender Policy Framework)<\/b><\/h3>\n

\"spf-record\"<\/p>\n

SPF tells receiving email servers which IPs or servers are allowed to send mail on behalf of your domain. If it\u2019s not on the list, it\u2019s fake and blocked.<\/span><\/p>\n

\u2705 DKIM (DomainKeys Identified Mail)<\/b><\/h3>\n

\"dkim-record\"<\/p>\n

DKIM adds a digital signature to every email your domain sends. It verifies that the content hasn\u2019t been tampered with and came from you.<\/span><\/p>\n

\u2705 DMARC (Domain-based Message Authentication, Reporting & Conformance)<\/b><\/h3>\n

\"dmarc-policy\"<\/span> DMARC ties SPF and DKIM together and tells receiving servers what to do if a message fails either check. It also lets you get reports of spoofing attempts.<\/span><\/p>\n

Step-by-Step: Setting Up SPF, DKIM, and DMARC in cPanel<\/b><\/h2>\n

1. \u2705 Set Up SPF Record<\/b><\/h3>\n
    \n

  1. \n<\/span>Log in to cPanel -> Go to Zone Editor<\/span>
    \n<\/span> b. Add an SPF TXT Record (example): v=spf1 include:zoho.com ~all<\/span><\/li>\n<\/ol>\n

    2. \u2705 Enable DKIM Record<\/b><\/h3>\n
      \n

    1. \n<\/span> Get your DKIM record from your email provider (e.g., Zoho or Google)<\/span>
      \n<\/span> b. Add a TXT record to your DNS (example): zoho._domainkey.yourdomain.com<\/span><\/li>\n<\/ol>\n

      3. \u2705 Configure DMARC Policy<\/b><\/h3>\n
        \n

      1. \n<\/span> Add a TXT record for _dmarc.yourdomain.com<\/span>
        \n<\/span> Record: v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@yourdomain.com; sp=none; aspf=r<\/span><\/li>\n<\/ol>\n

        Best Practices & Pro Tips<\/b><\/h2>\n

        – Start light with DMARC (`p=none`)<\/span>
        \n<\/span> – Check for typos in DNS entries<\/span>
        \n<\/span> – Use tools like MXToolbox for validation<\/span>
        \n<\/span> – Rotate DKIM keys occasionally<\/span>
        \n<\/span> – Review DMARC reports<\/span><\/p>\n

        Troubleshooting Common Issues<\/b><\/h2>\n\n\n\n\n\n\n\n
        Problem<\/b><\/td>\nCause<\/b><\/td>\nFix<\/b><\/td>\n<\/tr>\n
        Emails are going to spam<\/span><\/td>\nSPF\/DKIM record not set or incorrect<\/span><\/td>\nDouble-check DNS records<\/span><\/td>\n<\/tr>\n
        Emails not delivered<\/span><\/td>\nDMARC record policy is too strict<\/span><\/td>\nSet DMARC to <\/span>none<\/span> temporarily<\/span><\/td>\n<\/tr>\n
        DKIM validation fails<\/span><\/td>\nKey not published properly<\/span><\/td>\nRe-copy and verify the public key<\/span><\/td>\n<\/tr>\n
        You\u2019re not receiving reports<\/span><\/td>\nrua=<\/span> email misconfigured<\/span><\/td>\nUse a valid inbox for reports<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

        Final Words: Be the Guardian of Your Domain<\/b><\/h2>\n

        Setting up SPF, DKIM, and DMARC records is non-negotiable if you’re serious about protecting your domain, brand, and users.<\/span>
        \n<\/span> With just 10-15 minutes of setup, you:<\/span>
        \n<\/span> – Prevent spoofing attacks<\/span>
        \n<\/span> – Improve email delivery<\/span>
        \n<\/span> – Build trust with your recipients<\/span>
        \n<\/span> – Gain visibility into impersonation attempts<\/span><\/p>\n

        Summary<\/b><\/h2>\n\n\n\n\n\n\n
        Record<\/b><\/td>\nPurpose<\/b><\/td>\nDNS Format<\/b><\/td>\n<\/tr>\n
        SPF Record<\/span><\/td>\nAuthorize servers to send email<\/span><\/td>\nTXT<\/span><\/td>\n<\/tr>\n
        DKIM Record<\/span><\/td>\nSign the email with a digital key<\/span><\/td>\nTXT<\/span><\/td>\n<\/tr>\n
        DMARC Policy<\/span><\/td>\nControl spoofing policy<\/span><\/td>\nTXT<\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

        FAQs:<\/b><\/h2>\n

        1. What is SPF, and why is it important for my domain email?<\/h3>\n

        Sender Policy Framework is a DNS record that authorizes specific servers to send emails on behalf of your domain. Without it, your emails might land in spam folders or get rejected by recipient servers.<\/p>\n

        2. How do I add an SPF record using cPanel?<\/h3>\n

        Go to your cPanel dashboard \u2192 Zone Editor \u2192 Choose your domain \u2192 Add a TXT record with your SPF value (e.g., v=spf1 include:zoho.com ~all). Always validate it using tools like MXToolbox.<\/p>\n

        3. What does DKIM do for my domain email?<\/h3>\n

        DKIM (DomainKeys Identified Mail) digitally signs your emails to confirm they were sent from your domain and haven\u2019t been altered. It boosts deliverability and prevents tampering.<\/p>\n

        4. Where do I find my DKIM record?<\/h3>\n

        Your email provider (e.g., Zoho, Google Workspace) generates the DKIM record. You then add it as a TXT record in your DNS via cPanel or your DNS manager.<\/p>\n

        5. What is DMARC policy, and how is it different from SPF and DKIM?<\/h3>\n

        DMARC (Domain-based Message Authentication, Reporting & Conformance) builds on SPF and DKIM. It tells receiving mail servers what to do if emails fail authentication (e.g., quarantine or reject them) and lets you monitor spoofing via reports.<\/p>\n

        6. How do I create a DMARC record in cPanel?<\/h3>\n

        Log in to cPanel \u2192 Zone Editor \u2192 Add a TXT record for _dmarc.yourdomain.com with a value like:
        \nv=DMARC1; p=quarantine; rua=mailto:you@yourdomain.com; aspf=r<\/p>\n

        7. Why are my emails still going to spam even after setting SPF and DKIM?<\/h3>\n

        Common reasons include:<\/p>\n