This article explains how you can set up DMARC and SPF for your domain which you have set up for use in HappyFox. 

An SPF record is a type of Domain Name Service (DNS) record that identifies which mail servers are permitted to send email on behalf of your domain.

IMPORTANT NOTE: Setting DNS records should be done only by your system administrator who has access and rights to make changes to the DNS entries.

Adding an SPF record

If you would like to have more control of which applications or servers are sending emails to customers with your domain name, adding an SPF record for your domain is the common practice to do this. You can add the HappyFox addresses to your SPF record by adding include:spf.happyfox.com. The SPF record will have to be added as a TXT record on your DNS provider. 

Sample SPF record

yourcompanyname.com.   3600   IN     TXT    "v=spf1 include:spf.happyfox.com ~all"

The SPF record above shows that the IPs under spf.happyfox.com are authorised senders of emails for your domain (@yourcompany.com). With this kind of record in place, emails sent to customers from your HappyFox account (where you have your own SMTP) will be accepted by receiving mail servers as valid emails and not treat them as Spam. 

Notes:

 

1) The above sample is only for HappyFox. In some cases, your DNS may already have SPF records to support services that you are already using, such as Outlook, Google, Sendgrid etc.

2) The SPF value for HappyFox accounts hosted in US datacenter, is include:spf.happyfox.com

3) The SPF value for HappyFox accounts hosted in EU datacenter, is include:spf.happyfox.net

 

To know your datacenter, click the support icon in your Agent portal.

DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is an email authentication protocol. It builds on the widely deployed SPF and DKIM protocols, adding a reporting function that allows senders and receivers to improve and monitor protection of the domain from fraudulent email.

DMARC serves as a potent solution against email spoofing, yet its implementation can be intricate and pose risks. Setting a DMARC policy without comprehensive knowledge of all your email sources, including mailboxes, help-desk tools, email marketing platforms, CRM systems, transactional email services, server alerts, and others, may lead to the unintended rejection of legitimate emails.

Every DMARC record must include two essential tag-value pairs, namely "v" and "p". The "v" tag must have the value "v=DMARC1", while the "p" tag can be paired with "none", "quarantine", or "reject". Thus, the combinations would appear as follows: "p=none", "p=quarantine", or "p=reject". Google advises that all new DMARC records should initially have "p=none" to enable the identification of email delivery issues caused by the domain's SPF or DKIM. This policy value helps prevent legitimate emails from being mistakenly quarantined or rejected.

Sample DMARC record:

v=DMARC1; p=none; rua=mailto:<an email ID of your choice where you wish to receive reports>; aspf=r; pct=100; fo=0; ri= 3600; ruf=mailto:<an email ID of your choice where you wish to receive reports>"

To explain what has been set here:

p=none means that it Advises the receiving MTA to reject any email that fails any DKIM and/or SPF checks

aspf=r (relaxed mode) means that emails sent from the subdomain happyfox.co will be accepted

pct=100 means this applies for 100% of emails sent from this domain

rua and ruf are keys where the mail reports and failure reports need to be sent to can be specified

Once these are set, emails sent from your HappyFox account, with SMTP relay should be accepted by recipient mail servers as authenticated emails. You can see that in the sample header below for a test mail that we had sent. 

IMPORTANT: Please do not set the 'adkim' key in the DMARC record to relaxed or strict. This can cause your emails to get bounced from the recipient mail server.