Elastic Email SPF and DKIM Configuration | EasyDMARC

Elastic Email SPF and DKIM Configuration: Step by Step

3 Min Read
Elastic Email SPF and DKIM Configuration: Step-by-Step featured image

This instructional article will demonstrate the Elastic Email configuration process of Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) Signatures to ensure Elastic Email passes the DMARC alignment check and eliminates spam from your domain and increases security.

SPF Configuration Process

To ensure the emails from Elastic Email are sent on behalf of your domain, we need to create or update your existing SPF record by following the steps below: 

  1. Login to your Elastic Email portal
  2. Navigate to Settings>Domains>Manage Domains (You notice a screen as shown below):

3. Click on “Start Verification”

4. Click on “Verify Domain” in order to verify your domain

5. Enter your Domain

6. After noticing this screen, click on “Continue” and head to your DNS Zone

For this step, you can also easily create the SPF Record by using our SPF Generator Tool

7. Add include:_spf.elasticemail.com in the include:__ section.

8. Choose the Policy (The options are: Fail (Not Compliant will be rejected), SoftFail (Not Compliant will be accepted but marked) and Neutral (Mails will be probably accepted)).

9. When you have made followed the steps, click on the “Generate”

10. Copy the provided Elastic Email SPF record and navigate to your DNS provider (CloudFlare, Godaddy, etc.) and create a TXT Record. We’ll be using CloudFlare for

this example.

11. Click on “Save”

12. Head back to ELastic Email portal and click on the “Verify record” button to continue

Important Note: If everything was set up correctly, you should be at a confirmation step of the verification process. This informs you that you can now use any email address related to your domain to send emails.

“Default sender” Note: When there is a default sender set on the account, emails are still branded using the default sender, even if sent from a non-verified domain. If there is no default sender set, and an email is sent from a non-verified domain, then elasticemail.com is used. Also, if a default sender is set, then sub accounts will inherit the ability to use the main account’s default verified sender domain.

DKIM Configuration Process

In order to authenticate Elastic Email by DKIM, please follow the steps below:

  1. Create a new TXT Record in your DNS Zone, by the following information:
    Host-Name: api._domainkey

Value: k=rsa;t=s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbmGbQMzYeMvxwtNQoXN0waGYaciuKx8mtMh5czguT4EZlJXuCt6V+l56mmt3t68FEX5JJ0q4ijG71BGoFRkl87uJi7LrQt1ZZmZCvrEII0YO4mp8sDLXC8g1aUAoi8TJgxq2MJqCaMyj5kAm3Fdy2tzftPCV/lbdiJqmBnWKjtwIDAQAB

Note: We’ll be using CloudFlare for this example.

2. Click on “Save”

In order to check if your SPF and DKIM records have been successfully verified by Elastic Email. Please head to your portal and if a blue star is present next to the domain name, it indicates that it’s set as a Default Sender. You can enter a domain’s details by clicking View details next to the domain name.

Here, you can set your domain as default sender and check if your SPF, DKIM and other records are properly verified.

Congratulations, you now successfully authenticated your outgoing mail stream from Elastic Email with SPF and DKIM.

Various authors from EasyDMARC teams have contributed to our blog during company's lifetime. This author brings everyone together.


Inline Feedbacks
View all comments

succees We’re glad you joined EasyDMARC newsletter! Get ready for valuable email security knowledge every week.

succees You’re already subscribed to EasyDMARC newsletter. Continue learning more about email security with us