Generic selectors
Exact matches only
Search in title
Search in content
Search in posts
Search in pages
Generic selectors
Exact matches only
Search in title
Search in content
Search in posts
Search in pages

How to set up email authentication in UniSender

Why is an email authentication required
Step 1. Find out a domain hosting
Step 2. Generate SPF and DKIM records in UniSender
Step 3. Set up SPF
Step 4. Set up DKIM
Step 5. Check the records in UniSender
FAQ
If you want it done for you
Useful links

Email Authentication verifies the authenticity of the sender and improves email delivery.

Authentication includes two records: SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail):

  • SPF includes domains and IP addresses which are permitted to send emails from your domain;
  • DKIM provides a digital signature that verifies that an email is authentic and is sent from a verified source.

Why is an email authentication required

Email authentication serves as a means of verification: emails are received and sent upon verification by service providers.

Authentication provides two advantages:

Greater chances of emails being sent successfully. Thorough verification by service providers, emails get sent through without being shortlisted as spam messages. Authentication also helps to prevents fraudulent and inappropriate mails.

Access to additional services. Customers can enjoy additional services from email providers,(Gmail, Outlook) such as “postmasters” which displays the spam rate or domain and IP reputation. It is quite impossible to have access to this sort of information without email authentication.

Email authentication can be set up unaided or ordered through UniSender.

This article contains step-by-step instructions on how to set up email authentication on one’s own.

Step 1. Find out a domain hosting

To set up authentication, you need to know which hosting is yours. You can do it using MxToolbox or a similar service.

For example, let’s check the hosting of Reserved.com.

Viewing NS records

Authentication needs to be configured on Cloudflare hosting because NS records point to it

Remember the name of the hosting, you will need it later.

Step 2. Generate SPF and DKIM records in UniSender

Sign in to your UniSender account, click on your ID, and select «Account setup» on the drop-down menu.

Account setup

Account setup

Before moving to the domain settings, make sure that you have at least one confirmed email address on this domain. To check this, click on the «Confirmed emails» tab. If there are no confirmed emails on your domain, click on the «Add» button, and follow the instructions to confirm the address.

Confirmed email addresses

Confirmed email addresses

Now go to the «Domain authentication» tab. You need to configure authentication for the domain, from where emails are being sent out. Click on the «Create» button.

Configure domain authentication

Configure domain authentication

Click on «Obtain settings».

Popup to enter the domain and receive DNS records

Popup to enter the domain and receive DNS records

Next, you will see the records that you need to copy to the hosting.

Data for setting up authentication in UniSender

Data for setting up authentication in UniSender

Step 3. Set up SPF

In this instruction manual records, we would be using GoDaddy as an example. You may have another hosting, only the interface will be different. How to add TXT records on other popular hosting sites:

After receiving the records from UniSender, go to the hosting, click on the «Home» button, and select «Domains» on the menu.

The section you need to manage the domain

The section you need to manage the domain

Here, click on the three dots next to the domain and select «Manage DNS».

Transition to DNS management

On the page with DNS records click the «Add» button to create a new record.

DNS Management

DNS Management

From the records received in UniSender take the string @ TXT v=spf1 include:spf.unisender.com ~all and add it on the hosting in the «DNS Management» section.

What this string signifies:

  • @ — record name (host). If @ is not accepted, enter in «Host» your domain, such as yourdomain.com.;
  • TXT — record type;
  • v=spf1 include:spf.unisender.com ~all — record value.

Creating SPF record

Enter the data of the SPF record. Leave the TTL value by default. Click on «Save»

Created SPF record

The result — SPF record created

What to do if you already have an SPF record of another service

Step 4. Set up DKIM

Select the same record type as for SPF — TXT.

Copy the subdomain us._domainkey from the records received in UniSender and paste it into the «Host» field on your hosting.

On some domain control panels, you need to enter us._domainkey with a second-level domain, for example, us._domainkey.yourdomain.com.

TXT Value: k=rsa; p=xxxxxxxxxxxxxxxxxxxxxxxxxxxx.

Creating DKIM record

Enter the data of the DKIM record. Leave the TTL value by default. Click «Save»

This is how it looks like in the interface.

Created DKIM record

This is how it will be displayed on the hosting page after everything is entered

Step 5. Check the records in UniSender

After submitting the data on the hosting, go to «Account settings»«Domain authentication» and check if the domain status in UniSender has been updated. It does not get updated immediately; it usually takes from 30 minutes to several hours.

Checking the email authentication

Click on the arrow icon next to «enabled» to check authentication manually

It’s ready! You have finished setting up email authentication for your domain.

FAQ

What to do if I already have an SPF record of another service?

It is correct to have only one SPF record. At the same time, it can include all servers from the different services you use to send emails.

For example, you send emails via UniSender, but you also send directly via Gmail for business (G Suite). In this case, in the existing record «v=spf1 include:_spf.google.com ~all» you need to insert «include:spf.unisender.com» before «~all».

In the end, the record should look this way:

v=spf1 include:_spf.google.com include:spf.unisender.com ~all

For some services, such as Yandex and Mail.ru, the SPF record may look different: with «redirect=» instead of «include:». For example, «v=spf1 redirect=_spf.yandex.net». In this case, add «include:spf.unisender.com» to the existing record «v=spf1 redirect=_spf.yandex.net», and replace «redirect=» with «include:». At the end of the record add «~all».

v=spf1 include:_spf.yandex.net include:spf.unisender.com ~all

You can also edit a standard SPF record from any other email provider using the same principle.

What can I do if I have added records, but UniSender still shows «created» or «disabled» status?

If a notice was displayed during the update that signifies that no error was found, wait for 30 minutes. After the stipulated time, the status will be updated and changed to «enabled».

What errors may occur after updating:

  • DKIM record not found;
  • The SPF record does not exist;
  • A required setting is missing in the SPF record include:spf.unisender.com.

In this case, you should check the accuracy of records at your hosting. We recommend that you pay attention to extra spaces, as the verification of the record takes them into account. Also, it makes sense to check if you have added records on the hosting. If everything is correct, wait until the records are distributed by the Name Servers of your hosting and the cache of our Name Server is updated.

Do I need to set up DMARC?

In addition to SPF and DKIM, you can also set up a policy that reads the record called DMARC (Domain-based Message Authentication, Reporting, and Conformance). With this policy, email providers will send instructions on what to do if an email is sent from your domain but does not match your SPF and DKIM record. This happens when somebody sends spam from your domain. Or worse, sends emails from your domain pretending to be you and tries to steal your customers’ personal information, such as their passwords, credit card details, e.t.c, using a fake website.
This situation is called phishing. If your domain has a strict DMARC policy, the scammer will not be able to send phishing emails.

DMARC allows you to receive reports and decide what to do with emails that do not pass SPF and DKIM verification.

How DMARC works

It is not compulsory to set up DMARC if you have just started the authentication process. You can send emails without this record. But if you want to protect your domain from phishing and acquire a creditable reputation from your email providers, you can set up DMARC.

If you want it done for you

Email authentication is not as difficult issue as it might seem at the beginning. If you don’t have the time to figure it out, or if something doesn’t work out, you can order setting up from UniSender Customer Care team.

Call us

A Definitive Guide To DMARC
DMARC Record Generator
DMARC Record Checker
MxToolbox — all-in-one tool for checking DNS records and blacklists

Оцените, на сколько вам показалась полезной статья «How to set up email authentication in UniSender»
(0)

More articles in «Сoncepts and terms»

New at marketer workbook