This article covers the SPF and DKIM authentication processes for Securence and how they are managed in Valimail. While only one of the two authentication methods is required for an email to pass DMARC, our recommendation is to configure both whenever possible.

1. Login to the Securence admin portal (https://admin.securence.com).

2. On the Home screen, click the domain you wish to configure.

3. Select the Outgoing Settings tab, then Delivery.

4. Under the DKIM section, click Setup DKIM.

After clicking the Setup DKIM button, you will be ushered through a couple short steps to setup the cryptographic key pair for your domain, and enable DKIM signing in Securence.

1. Choosing a key length. The recommended length is 1024 bits, which provides necessary security and maximum compatibility with existing DNS providers. For advanced setups, a 2048 bit option is available. However, this requires a TXT record that may not be supported by your DNS provider. Before choosing 2048 bits, make sure your DNS supports it and that you understand how to configure TXT records exceeding the 255 character limit.

2. Choosing a Selector. A DKIM Selector is simply a name for the key which becomes part of the DKIM domain record. For example, you may choose to enter “securence” or “mail” or “201907”.

3. Add a TXT record to your DNS You will need to add a TXT record containing the public key. Copy the DKIM data provided by the setup wizard in Securence, and paste it into your DNS settings under the appropriate subdomain. For example, if you chose “securence” as your selector, you would add a TXT record under securence._domainkey.yourdomain.com.

4. Validate the TXT record. From within Securence, click the Validate button. Securence will perform a DNS lookup to confirm that the record exists and is formatted properly.

5. Enable DKIM signing. Check “Enable DKIM Signing” under the Outgoing Settings for your domain to start signing. You must also have at least one of your keys enabled for signing. Make sure your desired key has the “Enabled” box checked in the list. If you leave the setup wizard without validating your DNS, the key will still be securely stored. You may return later and click the Validate button for the key you wish to finish setting up. You will not be able to enable a key for signing until it has been successfully validated.

NOTE: If you manage you domain in Valimail, you will need to add the DKIM key/s on your domain's configuration page in the Valimail platform.

You can also find the instructions on how to set up DKIM and SPF for Securence, here.

You can find more detailed information on how to add a DKIM key in Valimail, here:

Once you establish that Securence is an authorized sender for your domain, you will need to add the service in your Enabled Senders.

You will find more detailed information on how to add a service for your domain in Valimail, here:

Note: We encourage you to use the comment section for any useful information about your sending service, such as the name of the service owner, change request ticket numbers, etc.