Why do we need SPF and DKIM for email validating?

Why do we need SPF and DKIM for email validating?

SPF and DKIM now are one of the important things we should care for working with Email Configuration.

What are SPF and DKIM?

Sender Policy Framework (SPF) is a simple email validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain comes from a host authorized by that domain’s administrators.

DomainKeys Identified Mail (DKIM) is an email authentication method designed to detect email spoofing. … In technical terms, DKIM lets a domain associate its name with an email message by affixing a digital signature to it. Verification is carried out using the signer’s public key published in the DNS.

The Benefits of Validating Email Senders

How Easy Setup SPF?

Understand SPF records

SPF is easy to setup using your domain’s DNS. Let’s get started by checking your existing SPF records through MXToolbox. Visit this page, enter a command spf:lokihost.com then see existing SPF record result.

There are a few variables you should improve:

v=spf1 – A default variable you should keep it in the first line.

+a, +mx – Allow specifying MX records and A DNS Records.

+ip4: Each this value will contain a single IP Address

include: It will be used for alternative CNAME, usually to include for email marketing services.

Here is a good example from our SPF records:

v=spf1 +a +mx +ip4: include:spfa.mailendo.com ~all

Update SPF Records in cPanel Control Panel

Edit via Advanced Zone Editor

If you point directly to hosting’s default nameservers, like ns1.lokihost.com, ns2.lokihost.com, you should edit SPF records via cPanel Control Panel, in ‘Advanced Zone Editor’.

Or Edit via Authentication in Email Sections

You can navigate to Email, then find Authentication. cPanel has many options to add IP, hostname to your existing SPF records without manual editing.

As usually, each cPanel hosting account should have their own SPF. You can edit it and add more values (as we explained in above section).

Remember: Don’t forget to recheck SPF records after 2-3 hours via MXToolbox.

Working with DKIM Signatures

DKIM Signatures seems to be harder to work than SPF. You should remember two important things:

  • DKIM signatures used sub-domain to validate. For example: default_.lokihost.com
  • DKIM signatures add a long key to this sub-domain via TXT records. It begins and ends with two quotes.

Activating DKIM in cPanel Hosting

Luckily a cPanel control panel provides a better way to add DKIM signatures. Navigate to Email section, find ‘Authentication’ menu item.

If a button at DKIM section shown as Disabled, just click to enable it. That’s fine.


SPF and DKIM have been used for many years with email providers like Google and Hotmail. You can see many issues like ‘sending via‘ issue. If this is the first time you listen to it, let’s get started to check and tell your IT-man, or yourself fix it to prevent email was marked as Spam in Gmail and many other email providers.


Have Question About Our Services? Send Us A Message!

%d bloggers like this: