Sign Your Emails With DKIM

KISREC uses Simple Mail Transfer Protocol (SMTP) to send outgoing email. It uses the email address you use when logging into KISREC to spoof the email sender.

The email is dispatched in this way to make it appear to arrive from your email address. Spoofing email from trusted domains is a popular technique for malicious spam and phishing campaigns so most email servers will detect spoofed email and direct them to the junk/spam folder.

It is highly likely your emails sent from KISREC will end up in the junk/spam folder or even blocked by the destination email server. To resolve this issue you should add the following DNS records to your domain DNS settings. This will activate the DKIM authentication for your outgoing emails.

You will need to be able to access and update your domain DNS settings. If you are unable to access your DNS settings then you should send this article to the person who manages your web site.

What is DKIM?

DKIM (DomainKeys Identified Mail) is an email security standard designed to make sure messages aren’t altered in transit between the sending and recipient servers. It uses public-key cryptography to sign email with a private key as it leaves a sending server.

Recipient servers then use a public key published to a domain’s DNS to verify the source of the message, and that the body of the message hasn’t changed during transit. Once the signature is verified with the public key by the recipient server, the message passes DKIM and is considered authentic.

While DKIM isn't required, having emails that are signed with DKIM appear more legitimate to your recipients and are less likely to go to Junk or Spam folders. We highly recommend you add a DKIM record to your DNS whenever possible to authenticate mail from your domain

SPF Record

This is a TXT record that should be added to the domain of the envelope address (yourdomain.com)

"v=spf1 a mx include:spf.turbo-smtp.com ?all"

If you already have an SPF record then add include:spf.turbo-smtp.com to your existing record directly after the segment v=spf1

The following is an example where an existing SPF for google already exists and the include:spf.turbo-smtp.com has been added

"v=spf1 a mx include:spf.turbo-smtp.com include:_spf.google.com ?all"

DKIM Record

For DKIM, add the provided TXT record to your domain's DNS settings, which contains the public key used to verify that the emails sent from your domain are indeed legitimate and have not been tampered with during transit.

turbo-smtp._domainkey

"k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDT3MWLni6so1q9eQggRYBCLHFjohZkCnYHH8gZNDBm6zRrodRVpWpJQW7x3cWWiuBhS1X0IfBB80l5tqFa+yc+mVgnk8tkUzOHFbPQPp4fi7egTpMtsQW/ZMrxw73SItNvPr72qvJTYZNPxarMx+ULjEWybcfEdXHPY8jslGcpCwIDAQAB"

DMARC Record

Complete the email authentication process by adding the given DMARC TXT record to your DNS, establishing a policy for how email receivers should treat messages that don't pass SPF or DKIM checks, and thus providing an additional layer of defense against fraudulent email practices.

_dmarc

Set the value to the following

v=DMARC1; p=none;

Popular Domain Providers

Here are some instructions for editing DNS records with popular domain providers. If your service isn't listed here, log in to your provider's site and search their help documents, or contact their customer support team.

If you require any assistance then please do not hesitate to get in touch.