Redi for Business

https://support.cloudways.com/en/articles/5130879-how-to-activate-the-elastic-email-add-on#domain-verification

1. SPF

SPF stands for “Sender Policy Framework”. SPF is an email authentication method. SPF helps servers authenticate that messages appearing to come from a specific domain are sent from servers authorized by the domain owner. It helps protect your domain from phishing and spoofing, and it also ensures that your messages are delivered correctly.

You will need the following information while pointing SPF record.

If you have subdomain(s), then you need to replace @ with the subdomain, e.g., support in the Name/Host/Alias field.

Tip

• Some DNS registrars may not accept “@” as Host; thus, you can leave the Host field blank. If that does not work, you can enter your domain name in the Host field.

• Please note that there can only be one SPF record per domain, so if there is an existing record, add “include:_spf.elasticemail.com” at the end of that record. For instance, if your domain already has the SPF record for Rackspace mail add-on as “v=spf1 a mx include:emailsrvr.com ~all”, then it should look like “v=spf1 a mx include:emailsrvr.com include:_spf.elasticemail.com ~all” after updating. Similarly, if you have an SPF record for Gsuite, the record should look like “v=spf1 a mx include:_spf.google.com include:_spf.elasticemail.com ~all”.

2. DKIM

DKIM stands for “DomainKeys Identified Mail”. It is also an email authentication method that adds a digital signature to every message. In addition, DKIM allows receiving servers to confirm that the domain’s owners have authorized mail coming from a domain and that these messages aren’t altered during transit.

You will need the following information while pointing DKIM record.

If you have subdomain(s), then you need to add your subdomain, e.g., support at the end of api._domainkey in the Name/Host/Alias field, so it will look like api._domainkey.support.

Tip

Some DNS registrar may not accept “api._domainkey” as Host; thus, you can enter “api._domainkey.mydomain.com”, replacing my domain with your actual domain.

3. Tracking

Elastic Email “tracks” opens, clicks, unsubscribes, etc. You need to rewrite links and use web pages. Configuring a “tracking domain” brands these rewritten links and pages with your own domain.

You will need the following information while pointing tracking record.

If you have subdomain(s), then you need to add your subdomain, e.g., support at the end of tracking in the Name/Host/Alias field, so it will look like tracking.support.

Tip

• If your DNS registrar automatically adds your domain name after the tracking value, e.g., “api.elasticemail.com.mydomain.com”. To avoid this from happening, add a period “.” at the end of your tracking record value, e.g., “api.elasticemail.com.”.

• If you are using Cloudflare to manage your DNS records, please note that you must disable the orange proxy icon while pointing the tracking record.

4. MX

MX record stands for “Mail Exchange Records”. It specifies a mail server responsible for accepting emails addressed to your domain. In other words, MX records tell which mail servers accept incoming emails for your domain and where emails should be routed if addressed to your domain. Therefore, you need to have the correct MX records to receive emails.

Most users have mailboxes (e.g., “ask@mydomain.com”) configured to receive emails; therefore, if you have a mailbox from any third-party service, e.g., Rackspace, Gsuite, etc., you have MX records already configured with it; thus, you don’t need to point any additional records, and you can move to the next and final DNS record. If you don’t have a Mailbox, you can use an inexpensive Rackspace Email Add-on on Cloudways Platform.

5. DMARC

DMARC stands for “DMARC is short for Domain-based Message Authentication, Reporting, and Conformance”. It is also an email authentication protocol that ensures the proper authentication of emails. SPF and DKIM are prerequisites of DMARC and must be implemented before setting up a DMARC policy.

A DMARC policy allows a sender to indicate that their emails are signed by SPF and DKIM and tells a receiver what to do if neither authentication methods pass, such as junk or bounce the email. Please note that the DMARC policy on your domain will affect all of your emails sent from that domain, not only the emails sent using Elastic Email; therefore, please ensure you are using the SPF and DKIM for all your email delivery.

Tip

If you are looking to set a custom DMARC policy, we strongly recommend using Elastic Email’s DMARC Generator – it will help you create DMARC records suited for your domain.

There are three different ways to point DMARC records based on your requirement.

Option 1 — Setup your DMARC policy with a simple, most common DMARC record. In this option, you will not receive any reports.

Option 2 — In this option, you will receive reports. The DMARC Reports will come to the email you specify in ruf= and rua= parameters.

When you no longer receive negative reports, change your DMARC policy from “p=none” to “p=quarantine”, which will not necessarily bounce email, but indicate to the recipient server they should consider quarantining it (junk or spam folder).

Option 3 — You will also receive reports with this option. When you are satisfied that you are validating all the emails from your domain(s) with SPF and DKIM, change the policy to reject, which will bounce the emails that do not pass SPF and DKIM validation.

If you have subdomain(s), then you need to add your subdomain, e.g., support at the end of _dmarc in the Name/Host/Alias field, so it will look like _dmarc.support.

After configuring all the DNS records, it’s time to verify your domain on the Cloudways Platform using the following steps: