DKIM and SPF
Setting up DKIM and SPF records for a domain identity
Domain Keys Identified Mail (DKIM) is an email authentication method designed to detect email spoofing. Sender Policy Framework (SPF) is a simple email validation system designed to detect email spoofing. Setting up DKIM and SPF entails adding DNS records to the domain.
It is highly recommended that you setup both DKIM and SPF to increase the authenticity and deliverability of your emails. If you are experiencing a problem where recipients are seeing “sent via amazonses.com” near the “From:” address, setting up DKIM will resolve the issue.
Before setting up DKIM and SPF, you need to create and verify a domain identity. See our page on SES identities.
Setting up DKIM for a Domain Identity
Go to the SES Identities page within the BigMailer console. Click on the domain identity, and go to the DKIM Status page. Click the Enable DKIM button.
You need to create the three DNS records shown on the page. Log into your DNS provider. In this documentation, we show how to do this with Amazon Route 53. The process is similar for other DNS providers.
Go to the Route 53 section of the AWS console. Click on the name of the domain. Click Create Record Set. Copy and paste the first CNAME name and value from the BigMailer console into the Create Record Set dialog. Be sure to set the record type to CNAME. Repeat this for the second and third DNS record.
After creating the DNS records, it may take a little time for Amazon to verify they exist. You can click Recheck Status on the Identity Status page to check if Amazon has done the verification.
Setting up SPF for a Domain Identity
Log into your DNS provider. In this documentation, we show how to do this with Amazon Route 53. The process is similar for other DNS providers.
Go to the Route 53 section of the AWS console. Click on the name of the domain. Click Create Record Set. Leave the name blank and enter the value "v=spf1 include:amazonses.com -all"
. Set the record type to TXT.
Attention GoDaddy users
GoDaddy doesn't allow an empty value for the name. Enter
@
for the name instead of leaving it blank.
Already have an SPF record?
If the domain already has an SPF record, add
include:amazonses.com
to the value.
Updated over 1 year ago