This instructional article will demonstrate the Taguchi configuration process of Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) Signatures to ensure Taguchi passes the DMARC alignment check and eliminate spam from your domain and increase security.
The SPF record identifies the mail servers and domains that are allowed to send email on behalf of your domain. The DKIM record, on the other hand, is a specially formatted DNS TXT record that stores the public key the receiving mail server will use to verify a message’s signature. These email authentication methods will be used to prove to ISPs and mail services that senders are truly authorized to send email from a particular domain and are a way of verifying your email sending server is sending emails through your domain.
Taguchi is using a subdomain to send emails, which means the Return-Path domain will be associated with your subdomain (for example, test.example.com). Ensure that you configure it on your subdomain for proper functionality, as instructed below.
The process of configuration
In order to authenticate Taguchi on your domain, you need to create TXT and CNAME records. Please follow these steps:
- Login to your Taguchi account
- Navigate to Settings > Domain to configure MTA’s in the ‘Sending Domains’ section
- Click Add Sending Domain and input the From domain
- Add the return-path subdomain component.
For example if the From domain is sending-test.taguchimail.com.au, entering bounce into the ‘return-path’ field will make the return-path address become bounce.sending-test.taguchimail.com.au. The return-path address is not user-visible.
- Select DKIM selector and Security Level
- Click Save
- Login and head to your DNS Zone provider
- Create a new CNAME record
- Input the DNS name as tag2048._domainkey
- Input the DNS value as written in the section provided above
- Save the record
The screenshot below will show you an example of the DNS records. We’ll be using CloudFlare for this example.
DKIM Record:
CNAME Verification Record:
Important Note: please make sure to disable the Proxy Status and let it remain on DNS Only.
Please ensure to utilize Taguchi Support, as your templates will need to be updated with the custom return-path domain. Additionally, inform them about the SPF configuration for better assistance.
Congratulations, you now successfully authenticated your outgoing mail stream from Taguchi with SPF and DKIM.