SPF(supported) (dedicated subdomain) DKIM(recommended)
This article covers the SPF and DKIM authentication processes for Sailthru and how they are managed in Valimail Enforce.
Adding Sailthru as an authorized sender in the Valimail Enforce usually requires a dedicated subdomain to be pointed to the Sailthru infrastructure and typically the DKIM keys will be added in the Valimail platform. While only one of the two authentication methods is required for an email to pass DMARC, our recommendation is to configure both whenever possible.
TABLE OF CONTENTS
- Configuring DKIM authentication for your Sailthru emails
- Add a Sailthru DKIM key in Enforce
- Configuring SPF authentication for your Sailthru emails
- Enable SPF alignment in Sailthru for your domain
Configuring DKIM authentication for your Sailthru emails
Configure Google Postmaster Tools
Before setting up DKIM in Sailthru for your domain, you will need to configure Google Postmaster tools.
It is likely that many if not most of your recipients use Gmail. Google Postmaster Tools allows you to analyze your email sends to these users, offering data on delivery errors, spam reports, reputation scoring, and more. The setup process below is required to ensure that you and Sailthru can work to ensure optimal deliverability, mitigating any issues that may arise.
These configuration steps require a Google account of your own, and one for each additional co-worker for whom you wish to grant access to this data.
1. Go to postmaster.google.com.
2. If domains are listed, and you need to add a new domain, click the plus sign in the bottom-right. If no domains are listed, click Get Started.
3. On the Getting Started dialog, under What domain do you use to authenticate your email?, enter the domain that your company uses for your From address when sending email.
4. Under Domain Configuration, copy the entire TXT record displayed in the gray box and ask your domain/IT administrator add this text as a “TXT record” for your domain.
5. Click Not Now if you are waiting to have this TXT record implemented by your IT/domain administrator.
6. Once the TXT record is implemented, return to postmaster.google.com, hover your mouse over the domain name, and click Verify Domain.
7. Once the domain is verified, you’ll need to add Sailthru as a user, plus any additional coworkers who will need to view Gmail deliverability information.
a. Next to the domain, from the menu, select Manage Users.
b. Click the plus sign to add the email address of a user to authorize. The user’s email must be associated with a GMail or Google Apps account. The Sailthru address to add is email@example.com.
c. Enter the email address and click Next.
d. Click Add Another or Done. Notify your Project Manager or Customer Success Manager when the Sailthru address is added.
8. Notify your Project Manager or Customer Success Manager when the Sailthru address is added.
Setup your DKIM using a CNAME
10. Create a new CNAME for your DKIM record.
The CNAME sailthru._domainkey.yourdomain.com should point to yourdomain.com.sailthrudkim.com.
Note: This step requires you to set up only a CNAME. Once this is finished, your Sailthru Account Manager will set up the DKIM key (a long string of letters, numbers, and other characters) for the DKIM record to be complete.
The DKIM record proves authorization from your sending domain.
11. Add the Sailthru DKIM key in Valimail Enforce.
You can find the complete instructions on how to set up DKIM and SPF for Sailthru here.
Add a Sailthru DKIM key in Enforce
Configuring SPF authentication for your Sailthru emails
We encourage you to use the comment section for any useful information about your sending service, such as the name of the service owner, change request ticket numbers, etc.
Enable SPF alignment in Sailthru for your domain
You may notice that Sailthru emails are not authenticated via SPF, even after you have added Sailthru to your domain's configuration. This is likely caused by Sailthru not sending SPF aligned-mail and can be corrected by following the process detailed below.
1. Create a new subdomain based on your sending domain: bounce.yourdomain.com
EX: Sending domain is sailthru.com – create bounce.sailthru.com
EX: Sending domain is email.sailthru.com – create bounce.email.sailthru.com
2. Publish these TXT and MX records in your DNS:
bounce.yourdomain.com IN MX 10 njmta-173.sailthru.com
bounce.yourdomain.com IN MX 10 mtast-04.sailthru.com
bounce.yourdomain.com IN TXT "v=spf1 mx include:aspmx.sailthru.com ~all"
You can find more info on the SPF domain alignment in Sailthru here.
As always, if you have any questions, please don't hesitate to submit a ticket.