Answer ID: 1042
Note: This article applies to paid POP / IMAP email through the domain account (HelpDesk article: How to Purchase POP / IMAP Email), and applies to any domains that are using our DNS (HelpDesk article: How to Change Domain Nameservers (DNS))
Note: This article does not apply to email service and DNS hosted on the web hosting account at mywebhostingaccount.com. When using the web hosting DNS, a DKIM record should automatically be set up after the domain is added to cPanel, and DMARC can be setup in cPanel. See HelpDesk article: Web Hosting: Protect Against Email Spoofing in cPanel (Added Email Security).
Note: DKIM and DMARC mentioned in this article below, are additional email security features that can be added to your domain's email settings. You will also want to have the email security measure "SPF" added for sending email. See the HelpDesk article: How to Add TXT or SPF Records on Domains
Use DKIM
DKIM (DomainKeys Identified Mail) verifies the sender and the integrity of a message. In addition, it allows an email system to prove that spammers did not alter an incoming message while in transit. DKIM also verifies that the messages your domains receive come from the specified domain.
Note: This feature requires that you are using our DNS (see HelpDesk article: How to Change Domain Nameservers (DNS)).
Option 1: NEW auto-updating DKIM
Our affiliate, Enom, has set up a new auto-updating DKIM record for domains registered with us. All you have to do is add the below DKIM records as a CNAME in the Host Records for the domain.
Important: Replace example.com with your domain name.
| Record type | Host value | Address value |
| CNAME | k1._domainkey | k1.example.com.dkim.hostedemail.link |
| CNAME | k2._domainkey | k2.example.com.dkim.hostedemail.link |
See Enom's full help article about the new auto-updating DKIM here: help.enom.com/hc/en-us/articles/23634745698061-Hosted-Email-auto-updating-DKIM-validation-records
Option 2: Manually set up DKIM:
- Generate a DKIM key if needed, by using a DKIM generator service, such as SocketLabs or DMARCLY. Only 1024 bit is supported.
- Login to your domain account.
- Under "Domains" in the top menu, click "My Domains".
- Select the domain you want to work with, and then click "Host Records" from the Domain Overview section or the drop-down menu.
- Under "Host Name" enter: _domainkey. If you are using a selector, use the format selectorname._domainkey
Under "Type", select "TXT" from the drop-down list.
- In the address field, place the DKIM record that you have created, and then click "Save Changes".
- To put in the DKIM private key, contact us, let us know the DKIM private key (including the selector), and we will have it put in on the back-end server.
Note: Due to the limitation of our Host Records maximum length, we only support up to 1024 bit DKIM.
For more information on DKIM, please visit http://www.dkim.org.
Use DMARC
A DMARC policy allows a sender's domain to indicate that their emails are protected by SPF and/or DKIM, and tells a receiver what to do if neither of those authentication methods pass – such as to reject the message or quarantine it. The policy can also specify how an email receiver can report back to the sender's domain about messages that pass and/or fail.
The process of setting up DMARC is similar to DKIM. First you need to generate the DMARC record, then put it in the Host Records. Although with DMARC, there is no private key that needs to be put in on the back-end.
Note: This feature requires that you are using our DNS (see HelpDesk article: How to Change Domain Nameservers (DNS)).
To use DMARC:
- Generate a DMARC record using a tool such as at dmarcian.com/dmarc-record-wizard.
- Login to your domain account.
- Under "Domains" in the top menu, click "My Domains".
- Select the domain you want to work with, and then click "Host Records" from the Domain Overview section or the drop-down menu.
- Under "Host Name" enter: _dmarc
- Under "Type", select "TXT" from the drop-down list.
- In the address field, place the DMARC record that you have created, and then click "Save Changes"
Most Basic DMARC Record to use
There are different settings you can have contained within your DMARC record, so DMARC records will look different depending on the settings. But if you just want to add the most basic DMARC record that does not reject or quarantine messages, or send periodic reports to your email address, you can use this DMARC record in the Host Records:
Host Name:
_dmarc
Record Type:
TXT (Text)
Address:
v=DMARC1; p=none;
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article