Email: Add DKIM & DMARC when using our DNS (Domain Account)

Modified on Wed, 12 Jul 2023 at 02:15 AM

Answer ID: 1042


Note: This article applies to paid POP / IMAP email through the domain account (HelpDesk article: How to Purchase POP / IMAP Email), and applies to any domains that are using our DNS (HelpDesk article: How to Change Domain Nameservers (DNS))


Note: This article does not apply to email service and DNS hosted on the web hosting account at mywebhostingaccount.com. When using the web hosting DNS, a DKIM record should automatically be set up after the domain is added to cPanel, and DMARC can be setup in cPanel. See HelpDesk article: Web Hosting: Protect Against Email Spoofing in cPanel (Added Email Security).




Use DKIM

DKIM (DomainKeys Identified Mail) verifies the sender and the integrity of a message. In addition, it allows an email system to prove that spammers did not alter an incoming message while in transit. DKIM also verifies that the messages your domains receive come from the specified domain.


Note: This feature requires that you are using our DNS (see HelpDesk article: How to Change Domain Nameservers (DNS)).


Note: Due to the limitation of our Host Records maximum length, we only support up to 1024 bit DKIM.


To use a DKIM:

  1. Generate a DKIM key if needed, by using a DKIM generator service, such as SocketLabs or DMARCLY. Only 1024 bit is supported.
  2. Login to your domain account.
  3. Under "Domains" in the top menu, click "My Domains".
  4. Select the domain you want to work with, and then click "Host Records" from the Domain Overview section or the drop-down menu.
  5. Under "Host Name" enter: _domainkey. If you are using a selector, use the format selectorname._domainkey
  6. Under "Type", select "TXT" from the drop-down list.

  7. In the address field, place the DKIM record that you have created, and then click "Save Changes".
  8. To put in the DKIM private key, contact us, let us know the DKIM private key (including the selector), and we will have it put in on the back-end server.


For more information on DKIM, please visit http://www.dkim.org.


Use DMARC

A DMARC policy allows a sender's domain to indicate that their emails are protected by SPF and/or DKIM, and tells a receiver what to do if neither of those authentication methods pass – such as to reject the message or quarantine it. The policy can also specify how an email receiver can report back to the sender's domain about messages that pass and/or fail.


The process of setting up DMARC is similar to DKIM. First you need to generate the DMARC record, then put it in the Host Records. Although with DMARC, there is no private key that needs to be put in on the back-end.


Note: This feature requires that you are using our DNS (see HelpDesk article: How to Change Domain Nameservers (DNS)).


To use DMARC:

  1. Generate a DMARC record using a tool such as at dmarcian.com/dmarc-record-wizard.
  2. Login to your domain account.
  3. Under "Domains" in the top menu, click "My Domains".
  4. Select the domain you want to work with, and then click "Host Records" from the Domain Overview section or the drop-down menu.
  5. Under "Host Name" enter: _dmarc
  6. Under "Type", select "TXT" from the drop-down list.
  7. In the address field, place the DMARC record that you have created, and then click "Save Changes"






Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article