In this article, we will explain how to authenticate your domain to improve the deliverability of your emails using standard email signature protocols: SPF and DKIM.
These protocols meet various safety issues and should be implemented to ensure the best possible deliverability, both on shared and dedicated IPs.
Before you start
- If you're unfamiliar with domain authentication, check out our dedicated article About domain authentication (DKIM, SPF).
- Verify your domain using DNS records, a hosted file, or an email verification code. You can verify and authenticate your domain simultaneously with DNS records. To learn more, check our dedicated article Verify your domain to approve new senders automatically.
👆Step 1: Access the Domains page
To access the Domains page:
- In Sendinblue, click on your name at the top-right side of the screen.
- Select Senders & IP.
- Click Domains.
⚙️ Step 2: Generate the DNS records
To generate the DNS records that you will use to authenticate your domain:
- Click Add a domain.
- Enter the domain name you wish to use to sign your emails and click Save. In our example, we are using the domain domain.com.
- The DNS records (Sendinblue code, DKIM, and SPF) that need to be added to your domain host display.
Under the domain name that you want to use, you will either need to click:
- Authenticate, if you already verified your domain, or
- Verify, if you haven't verified your domain yet.
The DNS records (DKIM and SPF) that need to be added to your domain host display.
🚀 Step 3: Add the DNS records to your domain host
- Open a new window in your navigator and access your domain hosting platform.
- If you haven't verified your domain before, follow Step 2 from our dedicated article Verify your domain. We highly recommend using DNS records to verify your domain as it allows you to verify and authenticate your domain simultaneously.
- Create a DNS entry of TXT type for each DNS record: DKIM and SPF.
- In the Hostname field, paste the hostname as it appears under DKIM record and SPF record, respectively.
- In the Value field, paste the generated Value code under DKIM record and SPF record, respectively.
- Click Verify & Authenticate or Authenticate.
- Once the configuration is complete, a green check appears next to the Value fields for DKIM and SPF records.
Your domain has been authenticated, and your emails will now be signed with your own domain name in your recipients' mailbox! 🚀⬇️
🧐 How to verify if my emails have been signed?
You can easily verify if your emails have been signed. Webmails allow you to see if your email has been signed through both protocols by reviewing the email header and looking for the references "spf=pass" and "dkim=pass".
To learn how to find email headers, check out our dedicated article How do I find email headers?.
In the above example from a Gmail email header, the references "spf=pass" and "dkim=pass" certify that the email is signed with the domain "newsletter-monsite.com". Signing your emails with your own domain name helps you manage your own reputation, either on our shared IP or your dedicated IP.