Email Authentication Setup

Set up SPF, DKIM, DMARC, and BIMI to prove your emails are legitimate and protect your domain from spoofing.

Sigil, the Signaler

0 of 15 checked

Audit all services that send email on your domain's behalf
More details
List every platform (ESP, CRM, transactional service, helpdesk) that uses your domain in the From or Return-Path. Missing even one causes SPF failures.
Publish an SPF TXT record on your domain
More details
Add a TXT record starting with "v=spf1" that includes each sending service. End with "-all" (hard fail) or "~all" (soft fail). Stay under 10 DNS lookups.
Validate your SPF record with a lookup tool
More details
Use an SPF checker to confirm the record parses correctly, has no syntax errors, and stays within the 10 DNS lookup limit.
Set SPF for subdomains used in sending
More details
Each subdomain needs its own SPF record. If a subdomain does not send email, publish "v=spf1 -all" to block spoofing.

Set up SPF, DKIM, DMARC, and BIMI to prove your emails are legitimate and protect your domain from spoofing.

Sigil, the Signaler

0 of 15 checked

Audit all services that send email on your domain's behalf
More details
List every platform (ESP, CRM, transactional service, helpdesk) that uses your domain in the From or Return-Path. Missing even one causes SPF failures.
Publish an SPF TXT record on your domain
More details
Add a TXT record starting with "v=spf1" that includes each sending service. End with "-all" (hard fail) or "~all" (soft fail). Stay under 10 DNS lookups.
Validate your SPF record with a lookup tool
More details
Use an SPF checker to confirm the record parses correctly, has no syntax errors, and stays within the 10 DNS lookup limit.
Set SPF for subdomains used in sending
More details
Each subdomain needs its own SPF record. If a subdomain does not send email, publish "v=spf1 -all" to block spoofing.

SPF Record