How to configure DMARC and SPF for your domain to use with HappyFox

This article explains how you can set up DMARC and SPF for your domain which you have set up for use in HappyFox. 

DMARC, which stands for “Domain-based Message Authentication, Reporting & Conformance”, is an email authentication protocol. It builds on the widely deployed SPF and DKIM protocols, adding a reporting function that allows senders and receivers to improve and monitor protection of the domain from fraudulent email.

An SPF record is a type of Domain Name Service (DNS) record that identifies which mail servers are permitted to send email on behalf of your domain.

IMPORTANT NOTE: Setting DNS records should be done only by your system administrator who 
has access and rights to make changes to the DNS entries.

Adding an SPF record

If you would like to have more control of which applications or servers are sending emails to customers with your domain name, adding an SPF record for your domain is the common practise to do this. You can add the HappyFox addresses to your SPF record by adding include:spf.happyfox.com. The SPF record will have to be added as a TXT record on your DNS provider. 

Sample SPF record

yourcompanyname.com.   3600   IN     TXT    "v=spf1 include:spf.happyfox.com ~all"

The SPF record above shows that the IPs under spf.happyfox.com are authorised senders of emails for your domain (@yourcompany.com). With this kind of record in place, emails sent to customers from your HappyFox account (where you have your own SMTP) will be accepted by receiving mail servers as valid emails and not treat them as Spam. 

Adding a DMARC Record

HappyFox currently does not support adding DKIM signed emails from your account. However, it is possible to set up DMARC without DKIM and with SPF only. You can add a DMARC record like, 

Sample DMARC record

v=DMARC1\; p=reject\; sp=reject\; rua=mailto:<an email ID of your choice where you wish to receive reports>\; aspf=r\; pct=100\; fo=0\; ri= 3600\; ruf=mailto:<an email ID of your choice where you wish to receive reports>"

To explain what has been set here:

p = reject means that it Advises the receiving MTA to reject any email that fails any DKIM and/or SPF checks

sp=reject is the same as above for subdomains

aspf=r (relaxed mode) means that emails sent from the subdomain happyfox.co will be accepted

pct=100 means this applies for 100% of emails sent from this domain

rua and ruf are keys where the mail reports and failure reports need to be sent to can be specified

Once these are set, emails sent from your HappyFox account, with SMTP relay should be accepted by recipient mail servers as authenticated emails. You can see that in the sample header below for a test mail that we had sent. 

IMPORTANT: Please do not set the 'adkim' key in the DMARC record to relaxed or strict. This can cause your emails to get bounced from the recipient mail server. 

  • 499
  • 03-Oct-2018
  • 7899 Views