If you want to get responses from your outbound campaigns, you need to have the right domain name server (DNS) settings. This is done by adding the right MX records to each email account in your domain host’s site (Namecheap, GoDaddy, Squarespace). This record is what allows you to send and receive emails safely - skipping this step can land you in spam, or getting blacklisted.

Domain Name Servers (DNS) provide a list of domain names for the internet by changing your IP address into a domain name. DNS also lets the person you're emailing know that you're really you, which helps your emails get through. So, why do you need to do this?

We love cold emails, but not everyone does. Some people want to use email for spam or to try to get personal information. In the last 5 years it has become increasingly easier to launch a massive email campaign. This has led to stricter rules on what counts as “valid email” that should land in your primary inbox.

We’re going to help you land there by getting the first step right. This is especially important if you are sending to thousands of prospects each month. The more outbound you send, the more secure your servers need to be.

These are the three main records you need to configure:

‍

• SPF (Sender Policy Framework):

An SPF record is a list of mail servers that can send emails for your domain. When you send an email, the person getting the email will check to see if it's coming from a server on the list. If it's not, the email might get marked as spam. The SPF record shows that your emails are coming from the right place.

• DKIM (Domain Keys Identified Mail):

A DKIM record adds a special signature to your emails. When you send an email, the person getting the email will check if the signature is right. If it is, they know the message is from you.

• DMARC (Domain-Based Message Authentication Reporting and Conformance):

Some consider this optional. We always configure this because it’s better to be safe and takes just a few more minutes of your time. DMARC uses DKIM and SPF to identify spammy emails. 

This is what the process looks like step by step if you are using Google Workspace first, then Microsoft Outlook for your domain. 

‍

Google Workspace

SPF 

1. Sign into your domain account on your domain host's site (Namecheap, GoDaddy, Squarespace, etc.)
2. Go to “DNS Management” or the page for updating your domain’s DNS records. This may also be called “Manage” or “Advanced DNS”.

3. Find your TXT records and check if your domain has an existing SPF record.

• If you see a records that says "v=spf1 include:_spf.google.com ~all" you don't need to set it up again. You can skip to DKIM.
• If there is no SPF record, or the SPF record is different, delete the SPF record, then move on to the next step

3. Create a TXT record with these values:

• Name/Host: @
• Type: TXT
• Time to Live (TTL): 3600 or leave the default
• Value: v=spf1 include:_spf.google.com ~all

4. Save

The records can take 48 hours to go live, although it’s usually done in under ten minutes. You can still proceed with DKIM in the meantime, but don’t send any emails yet.

DKIM

You will need access to both your Google Admin and your Domain's DNS records.

1. Log into your Google Admin: admin.google.com
2. Click Menu, click Apps, then click Google Workspaces, and click Gmail

3. On the Gmail page, click Authenticate Email

4. Or, to simplify things, you can visit this link: https://admin.google.com/ac/apps/gmail/authenticateemail and sign in to your account

• If you see Authenticating Email with DKIM then you don't need to set up a new DKIM

•  If you see a different status, click Generate a DKIM Key and move on to the next step

5. Head to your domain host's site (Namecheap, GoDaddy, Squarespace)
6. Create a DNS TXT Record with the DKIM Key generated in step 4

• Name/Host: google._domainkey
• Type: TXT
• Time to Live (TTL): Leave the default
• Value/Data/Destination: The special DKIM key in your Google Admin settings

5. Once you hit save, go back to Google Admin and click Start Authenticating.

This may take up to 48 hours. Do not add DMARC until you see in Google Admin that this has been authenticated.

DMARC

In the past, if you had SPF and DKIM, there was no need for this. Some still consider it optional, but in today’s email environment we always recommend taking this step.

1. Sign into your domain account on your domain host's site (not your Google Admin Console).
2. Go to the page for updating your domain’s DNS records.
3. Add this TXT Record to your DNS:

• Host Name: _dmarc
• Type: TXT
• VALUE (with email): v=DMARC1; p=quarantine; rua=mailto:insert your email address; pct=90; sp=none
• OR if you don’t want to add an email (It doesn’t make  difference) then add VALUE (no email): v=DMARC1; p=quarantine; pct=90; sp=none
• Time to Live: 60 min

4. Click save

‍

Microsoft Outlook

SPF

1. Go to your domain administrator's site. Click on DNS Management.
2. Add this TXT Record to your DNS.

• v=spf1 include:spf.protection.outlook.com -all

‍

DKIM

‍

1. Go to your domain administrator's site. Click on DNS Management.
2. In your DNS settings, create a record type CNAME
3. CNAME Record 1

• Name: selector1._domainkey
• Points to: selector1-yourdomain-com._domainkey.yourdomain.onmicrosoft.com
• TTL: Enter 3600
• Replace yourdomain-com with your domain

4. CNAME Record 2

• Name: selector2._domainkey
• Points to: selector2-yourdomain-com._domainkey.yourdomain.onmicrosoft.com
• TTL: Enter 3600 or 1 hour
• Replace yourdomain-com with your domain

5. This can take up to 48 hours to take effect.
6. Enabling DKIM for your domain in the Office 365 Portal:

• https://office.com/admin 
• Log into your Admin Account
• Navigate to Menu (Top Left)
• Click on Admin > Show All > Exchange > Protection > DKIM (Top Nav. Menu)

                     - Yourdomain.com > Authoritative > Enable

                     - You will need a Windows computer or Powershell for the next steps:

                                    - Click on Show, All on the left-hand side navigation menu

                                    - Click on Exchange

                                    - Click on Protection on the left-hand side navigation menu

                                    - Click on dkim on the TOP navigation menu

                                    - Click on your domains and enable DKIM

                                                  - You will see two domains: your actual domain and the Microsoft domain

DMARC

1. Go to your domain admin’s site and open the DNS manager
2. Create a TXT Record

• Name: _dmarc.{domain}
• TTL = Leave at the default or enter 3600
• HOST NAME: _dmarc
• VALUE (with email): v=DMARC1; p=quarantine; rua=mailto:{email}; pct=90; sp=none
• VALUE (no email): v=DMARC1; p=quarantine;  pct=90; sp=none

Conclusion

A lot of the information here is technical and is usually handled by IT leads. If you need someone to handle your email infrastructure and manage your sales campaigns to schedule more sales meetings, Zevenue can help. Send us a message and we’d be glad to help however we can!

‍