SPF(supported) / (dedicated subdomain) 
DKIM(recommended)



This article covers the SPF and DKIM authentication processes for MarchingOrder and how they are managed in Valimail Enforce. While only one of the two authentication methods is required for an email to pass DMARC, our recommendation is to configure both whenever possible.


MarchingOrder typically uses a dedicated subdomain configuration setup and they are leveraging Elastic Email as their infrastructure provider.




TABLE OF CONTENTS



Configuring DKIM authentication for your MarchingOrder emails


1. Please add a DKIM record (TXT record) of the public key so that the From domain can sign emails with DKIM for security and deliverability purposes. The d= domain would be the From domain. The selector will be "api._domainkey" in all cases.


Name (if using primary domain): api._domainkey.yourdomain.edu

Or

Name (if using subdomain): api._domainkey.subdomain.yourdomain.edu


Value:

k=rsa;t=s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbmGbQMzYeMvxwtNQoXN0waGYaciuKx8mtMh5czguT4EZlJXuCt6V+l56mmt3t68FEX5JJ0q4ijG71BGoFRkl87uJi7LrQt1ZZmZCvrEII0YO4mp8sDLXC8g1aUAoi8TJgxq2MJqCaMyj5kAm3Fdy2tzftPCV/lbdiJqmBnWKjtwIDAQAB


Important: If you are managing this domain/subdomain in Valimail, you will need to add this DKIM in the Configuration page for your domain in Valimail Enforce, like presented below.


2. After you add the DKIM key, you will need to contact MarchingOrder for them to verify the setup.


Notify MarchingOrder of the sending email address so that it may be added and verified in the system.

After adding the sender email address, please copy/paste the information below and instruct the service owner to forward it to MarchingOrder.


**************

Hello,


The email deliverability steps are complete. The sender email address for MarchingOrder will be <insert sender email address>. Please forward this information to your MarchingOrder customer success manager so that they can add / verify this email within their system.

**************



Sometimes, they may encounter an error with the SPF record. See the notes below:


Notes:

We have heard from various customers that it is preferable to set up MarchingOrder from a specific subdomain for example, graduationnews.mydomain.edu instead of setting it up at the Org domain level (ie instead of mydomain.edu). This is due to a few reasons:


  • MarchingOrder leverages Elastic Email as their infrastructure provider and has limited control over Elastic Email's verification process.
  • Elastic Email is incapable of parsing our customers' standard SPF record. Instead their platform is doing a simple regex check against the text record to find an include and not a real SPF query. (we have reached out to Elastic Email to improve their verification process). Using a dedicated subdomain as noted above can help with this problem. 
  • Another workaround is to specifically list the Elastic Email SPF include in your SPF record directly after the Valimail record. This is not ideal as the Elastic Email record is overly permissive. But some customers have said this worked for them.


Please be sure to contact Marching Order's Support Team for additional information.






Add a MarchingOrder DKIM key in Enforce


1. Go to your domain's Configuration page in Valimail Enforce and publish the newly created DKIM key.


    a. Scroll down and add the DKIM key in your configuration, by clicking on Add a DKIM key

    b. Enter the selector name, the DKIM TXT value (the actual value is the entire string after the p= tag), associate the key with MarchingOrder, associate it with the proper subdomain if applicable, make sure you check the t=s tag and then click Add.


a screenshot of a computer



You can find more detailed information on how to add a DKIM key in Valimail Enforce here.






Configuring SPF authentication for your MarchingOrder emails


Once you establish that MarchingOrder is an authorized sender for your domain, you will need to add the service in your Enabled Senders list in Enforce.


1. Please go to your domain's Configuration page in Enforce.

2. Click on the + sign from the Enabled Senders section:


a screenshot of a email


3. Choose MarchingOrder from the list of configurable senders and then click Enable:


a screenshot of a computer


We encourage you to use the comment section for any useful information about your sending service, such as the name of the service owner, change request ticket numbers, etc.






As always, if you have any questions, please don't hesitate to submit a ticket.