SPF(supported)
DKIM(recommended)


This article covers the SPF and DKIM authentication processes for Marketo and how are they managed in Valimail Enforce. While only one of the two authentication methods is required for an email to pass DMARC, our recommendation is to configure both whenever possible.



TABLE OF CONTENTS




Configuring DKIM authentication for your Marketo emails


1. Open your Marketo account as an administrator.


2. Go to the Admin section.


a screenshot of a computer


3. Click Email, then the DKIM tab, and finally Add Domain.


a screenshot of a computer


4. Enter the domain you will be using in Marketo emails as the From Address and click Add.


a screen shot of a computer


5. Copy the Host Record and TXT Value and add the DKIM key in Valimail Enforce.


a screenshot of a computer


6. Once the DKIM key is added in Valimail Enforce, come back to Marketo, select your domain, and click Check DNS.


a screenshot of a computer


7. Once the DKIM key is validated, you will be ready to send authentication emails on behalf of your domain, using Marketo.


Note: The Marketo DNS check may not like the Valimail SPF Macro and display a warning.  While Marketo will send in alignment, you may need to contact Marketo Support to have them override the SPF validation script in their UI. The SPF response will work correctly and you can verify this by following the instructions found in this article: Valimail SPF Records.



You can find the instructions on how to turn on DKIM in Marketo here.





Add a Marketo DKIM key in Enforce


1. Go to your domain's Configuration page in Valimail Enforce and publish the newly created DKIM key.


    a. Scroll down and add the two DKIM keys in your configuration, by clicking on Add a DKIM key

    b. Enter the selector name, the DKIM TXT value (the actual value is the entire string after the p= tag), associate the key with Marketo and then click Add.


a screenshot of a computer

a white background with black dots





Configuring SPF authentication for your Marketo emails


Once you establish that Marketo is an authorized sender for your domain, you will need to add the service in your Enabled Senders list in Enforce.


1. Please go to your domain's Configuration page in Enforce.

2. Click on the + sign from the Enabled Senders section:


a screenshot of a email


3. Choose Marketo from the list of configurable senders and then click Enable:


a screenshot of a computer



We encourage you to use the comment section for any useful information about your sending service, such as the name of the service owner, change request ticket numbers, etc.





As always, if you have any questions, please don't hesitate to submit a ticket.