How to configure SPF, DKIM and DMARC for sending domains

Last Updated: 28/11/2024     Tags: configure sending domains, sending domains, domains, spf, dkim
  • Switch Version
  • V5
  • V4

The following steps outline how you can configure your sending domain/s in Taguchi for SPF, DKIM and DMARC.

Setting up SPF, DKIM and DMARC on a sending domain:

  1. An Administrator in your organisation needs to navigate to Settings > Domain to configure MTA's in the 'Sending Domains' section. Sending Domains
    • Click Add Sending Domain and input the From domain (the main sender address shown in email clients)
    • Add the return-path sub-domain component. For example if the From domain is sending-test.taguchimail.com.au, entering bounce into the 'return-path' field will make the return-path address become bounce.sending-test.taguchimail.com.au. The return-path address is not user-visible.
    • Select DKIM selector.
      • tagXXXX vs dkimXXXX is purely what name you prefer (slightly identifying Taguchi or not)
      • 1024 vs 2048 relates to the security level. 2048 is more secure, however, for marketing emails 1024 is more than suitable.
    • Click Save
  2. After saving, Taguchi needs to be authorized to send using this domain. You need to create the DNS CNAME and TXT records shown under the 'DNS Records' column, which will enable DKIM signing using the DKIM selector you chose.

  3. Once DNS records have been configured on your end, contact Taguchi Support so we can complete the set up on our end.

  4. Once the status in Taguchi shows 'configured', your domain is now available to select as your sending domain, in your template theme.

  5. Once DNS records have been configured you may enable DMARC in your organization. Setting up the sub-domain and pointing the CNAME to clients.taguchimail.com and implementing the above on our end ensures that emails sent through Taguchi are DMARC ready. You will need to undertake further work on your end to set up DMARC fully, as all mail sources for your organization will need to be configured to support it.

Note: The sending domain status will initially show 'Pending'. Within 24 hours of creating the DNS records, it will change to 'Authorized'. Once our mail servers have been updated (which occurs daily between 8-9AM) and the domain is available the status will display 'Configured'.