Wondering how do you set up SPF record in Shopify? This informative post will demonstrate the configuration process of Sender Policy Framework (SPF) Signature on your Shopify to ensure Shopify passes the DMARC alignment check.
SPF records allow receiving servers to check whether an email with the specified source domain was actually sent from a server authorized by the owner of this domain.
To ensure SPF passes the DMARC check, a custom domain needs to be added in order for SPF to align with the domain name.
How to add a custom domain in Shopify
1. Navigate to Shopify and select the “Domains” tab.
Note: If the domain is already added and status says Connected, it means the custom domain is already set up. Kindly skip these following steps and proceed with “The process of setting up the SPF Record” section.
2. Select the “Connect existing domain” to add the new custom domain to Shopify.
3. Once selected, add the domain name and click on the “Next” button.
Note: It is recommended to add a subdomain to avoid collisions with root domain sources that may cause issues.
4. After clicking on the “Next” button, Navigate to the DNS provider and create a new CNAME record (CloudFlare, Godaddy, etc.).
CloudFlare is used for this example.
- The “Name” section is the domain name.
- The “Target” section should direct to shops.myshopify.com
5. Once the new CNAME record is stored, navigate back to Shopify and click on the “Verify Connection” button.
After clicking on the button, a message will appear stating that the process was concluded successfully.
How to setup the SPF Record
To ensure the emails from Shopify are sent from your domain behalf we need to create or update you existing SPF record with including the following mechanism: include:shops.shopify.com
To create a new SPF record, you can easily create a record using our SPF Record Generator tool.
The steps to create a new SPF record:
- Navigate to SPF Record Generator.
- Add include:shops.shopify.com in the include:__ section.
- Select the Policy (The options are : Fail (Not Compliant will be rejected), SoftFail (Not Compliant will be accepted but marked) and Neutral (Mails will be probably accepted)).
- When the proper steps are made click on the “Generate SPF Record ”.
- Copy the provided SPF record and navigate to the DNS provider TXT record (CloudFlare, Godaddy, etc.).
We’ll be using CloudFlare for this example.
Important Note: Make sure you don’t create multiple SPF TXT records on one domain. If you do, SPF will return a PermError.
If you are using multiple IPs, ESPs, Third-Party services for your various email strategies, you should include them in a single SPF Record.
E.g v=spf1 ip4:17.67.137.221 include:shops.shopify.com include:thirdpartyservice.com ~all
Once the SPF record is added in the DNS zone, the SPF record will pass the DMARC check!
Note: Shopify does not support DKIM alignment as of this current time, but DMARC passes when either SPF or DKIM pass the DMARC check. Doing the steps above will ensure all emails from Shopify are DMARC compiled.
For more 3rd party configuration steps:
- Microsoft 365 SPF and DKIM Configuration: step by step
- Salesforce SPF & DKIM Authentication
- SPF, DKIM, DMARC Setup Guide for Google Workspace (Formerly G Suite)
- DMARC, SPF & DKIM Implementation Guide for HostGator
- DMARC, SPF & DKIM Implementation Guide for DreamHost
- Klaviyo SPF and DKIM Setup: step by step
- SparkPost SPF and DKIM Setup: step by step
We’re glad you joined EasyDMARC newsletter! Get ready for valuable email security knowledge every week.
You’re already subscribed to EasyDMARC newsletter. Continue learning more about email security with us