Skip to main content
In this chapter
< Contents
Print

Set up sending authorization

MNR_ProductName] is used to send emails with your domain as the sender. For example, if your company's domain is mycompany.com, your newsletter could be sent from the address newsletter@meinefirma.de. 

However, mailfino naturally has nothing to do with your domain meinefirma.de and, on closer inspection, anyone could actually use our software to send emails in the name of meinefirma.de. Because email is a free medium, anyone can claim to send emails in your name, that is in the nature of things.

Over the years, a number of mechanisms have been created to verify whether an email was actually sent by the specified sender. These mechanisms are called DKIM, DMARC and SPF. All three are supported by mailfino. 

Let's start with the simplest mechanism: the SPF record. 

The SPF record

An SPF record is a TXT entry that is stored in the domain administration of your mycompany.com domain and authorizes our newsletter service to send emails on behalf of mycompany.com. 

An SPF record looks like this, for example:

                        v=spf1 a mx include:email-delivery.de ~all

It has the following meaning: This is SPF version 1. Emails may be sent from the following IP addresses:

a : All addresses in the A-Record :these are the addresses defined as A-Record in the domain administration, for example the IP address of your web host

mx:  All mail servers that are in the MX record of your domain administration.

include:email-delivery.com: All IP addresses defined in the SPF record of email-delivery.de. email-delivery.de is one of our sending domains.

The SPF record therefore contains a list of addresses that are authorized to send emails on behalf of the domain. Sending is considered authorized. 

Here are Further information on the SPF record.

The DKIM entry

DKIM stands for Domain Keys Identified Mail. Two keys are generated, one private and one public. The public key is stored in your domain administration, the private key on your mail server. mailfino generates a separate key pair for each user account and each sending domain. The public key must be stored with your domain, the private key remains secret. 

When emails are sent, part of the email is encrypted with the secret key. When someone receives an email, the receiving email server attempts to decrypt the encrypted part using your public key. If this is successful, your email is not only classified as authorized, but also as authenticated. 

The DMARC record

The DMARC record is a TXT entry that specifies what to do with emails that have not been authorized or authenticated. They can either be delivered, deleted or classified as SPAM. 

The following article describes the structure of the DMARC record in detail: How does a DMARC record work?

Set up sending authorization

If you click on it, the DNS configuration for the selected sending domain (in this example the domain alpha-flying-india.de) is displayed:

mailfino automatically generates the entries DMARC (_dmarc), DKIM (in this case rd11250._domainkey) and the SPF record. 

The green tick on the left means that the entry is stored with the domain and is valid. If an entry is not stored or is invalid, a red exclamation mark is displayed. 

DNS configuration for authorized sending

Send this data to the administrator of your sending domain in good time. It sometimes takes some time for the data to be successfully entered.

Tags: