DNS Configuration Guide

Set up your DNS records correctly to ensure maximum email deliverability and security with Smarthost.MX.

DNS Checker SPF Setup DKIM Setup DMARC Setup

DNS Setup

Secure email authentication

DNS Checker Tool

DNS Access Requirements

To implement these DNS changes, you'll need administrative access to your domain's DNS servers. DNS records are typically managed through your domain registrar (such as GoDaddy, Namecheap, or Network Solutions) or through a separate DNS hosting service (like Cloudflare or AWS Route 53). If you don't have access to these settings, contact the person or organization responsible for registering your domain name.

Automated DNS Validation

Our DNS Checker tool automatically validates your domain's email authentication records and provides specific recommendations for improvement.

What it checks:
  • SPF Records: Validates your current SPF record and suggests improvements
  • DKIM Records: Checks for DKIM signatures and proper configuration
  • DMARC Records: Analyzes DMARC policy and reporting settings
  • MX Records: Verifies mail server configuration
  • A/AAAA Records: Checks domain resolution
Launch DNS Checker
Quick Check Process:
  1. Enter your domain name
  2. Click "Check DNS"
  3. Review the results
  4. Apply recommended changes
  5. Re-check to verify

SPF (Sender Policy Framework) Setup

Understanding SPF

SPF (Sender Policy Framework) is an email authentication method that specifies which mail servers are authorized to send emails on behalf of your domain.

Why SPF is Important:
  • Prevents email spoofing and phishing
  • Improves email deliverability rates
  • Reduces spam and abuse reports
  • Required for DMARC compliance
SPF Basics

Record Type: TXT

Name: @ (root domain)

Purpose: Authorization

SPF Record Configuration

Basic SPF Record

If you only send email through Smarthost.MX:

v=spf1 include:spf.smarthost.mx -all
SPF with Multiple Services

If you send email through multiple services:

v=spf1 include:spf.smarthost.mx include:_spf.google.com -all
Example includes Google Workspace
SPF Record Components
v=spf1 SPF version identifier
include: Include another domain's SPF
ip4: Specific IPv4 address
ip6: Specific IPv6 address
a Domain's A record
mx Domain's MX records
~all Soft fail for others
-all Hard fail for others
Important: You can only have one SPF record per domain. If you have multiple TXT records starting with "v=spf1", they will conflict and cause SPF to fail.

DKIM (DomainKeys Identified Mail) Setup

Understanding DKIM

DKIM (DomainKeys Identified Mail) adds a digital signature to your emails, allowing receiving servers to verify that the email actually came from your domain and hasn't been tampered with.

DKIM Benefits:
  • Cryptographic authentication of emails
  • Prevents email content tampering
  • Significantly improves deliverability
  • Builds sender reputation over time
  • Required for DMARC alignment
DKIM Basics

Record Type: TXT

Selector: Generated key

Purpose: Authentication

DKIM Record Setup

Getting Your DKIM Record
  1. Log in to your Smarthost.MX Dashboard
  2. Go to the "Send From Addresses" section
  3. Add and verify your sending domain email address
  4. Go to DNS Checker and scroll to DKIM section
  5. Copy the provided DKIM DNS record information
Adding the DKIM Record

You'll need to add a TXT record with the following format:

Name: smarthost._domainkey.yourdomain.com
Type: TXT
Value: v=DKIM1;h=sha256;k=rsa;p=[Smarthost.MX Provided public-key]
The exact values will be provided in the DNS Checker page for the selected domain.
DKIM Record Components:

v=DKIM1: DKIM version

h=sha256: Hash algorithm

k=rsa: Key algorithm

p=: Public key data

DMARC (Domain-based Message Authentication) Setup

Understanding DMARC

DMARC (Domain-based Message Authentication, Reporting, and Conformance) builds on SPF and DKIM to provide policy enforcement and detailed reporting on email authentication.

DMARC Benefits:
  • Complete protection against email spoofing
  • Detailed reports on email authentication
  • Gradual policy enforcement capabilities
  • Significant deliverability improvements
  • Brand protection and compliance
DMARC Basics

Record Type: TXT

Name: _dmarc

Purpose: Policy & Reporting

DMARC Record Configuration

Basic DMARC Record

Name: _dmarc.yourdomain.com

Type: TXT

Monitoring Mode (No Protection):
v=DMARC1; p=none; rua=mailto:[email protected]
Quarantine Mode (Intermediate):
v=DMARC1; p=quarantine; rua=mailto:[email protected]
Reject Mode (Full Protection):
v=DMARC1; p=reject; rua=mailto:[email protected]
DMARC Policy Tags
v=DMARC1 DMARC version
p=none Monitor only
p=quarantine Move to spam folder
p=reject Block the email
rua= Aggregate reports
ruf= Failure reports
pct= Percentage to apply policy
sp= Subdomain policy
Recommendation: Start with p=none to monitor email flow, then gradually move to quarantine and finally reject as you verify legitimate email sources.

DMARC Reporting with Smarthost.MX

Plan Requirements: DMARC reporting is not available on all plans. Additionally, even if you include rua=mailto:[email protected] in your DMARC record, reports will only be processed for domains that are configured for monitoring in your DMARC Reports page. Reports for non-monitored domains will be ignored.

When you include rua=mailto:[email protected] in your DMARC record and have DMARC monitoring enabled for your domain, we'll collect and process DMARC reports.

What You Get (with DMARC monitoring enabled):
  • Daily aggregate reports showing email authentication results
  • Source analysis of emails claiming to be from your domain
  • SPF and DKIM alignment statistics
  • Recommendations for policy adjustments
  • Easy-to-understand visual reports in your dashboard
Configure DMARC Monitoring
Setup Requirements:

1. Compatible plan with DMARC reporting

2. Domain added to DMARC monitoring

3. DMARC record with rua= setting

4. Policy set to quarantine or reject

Report Schedule:

Aggregate: Daily summaries

Retention: 12 months

DNS Provider Specific Instructions

Cloudflare
Adding DNS Records:
  1. Log in to your Cloudflare dashboard
  2. Select your domain
  3. Go to the DNS tab
  4. Click Add record
  5. Select TXT as the type
  6. Enter the name and content as provided
  7. Set TTL to Auto
  8. Click Save
Cloudflare may take up to 5 minutes to propagate changes.
GoDaddy
Adding DNS Records:
  1. Log in to your GoDaddy account
  2. Go to My Products
  3. Find your domain and click DNS
  4. Scroll to Records section
  5. Click Add
  6. Select TXT as the type
  7. Enter the host and TXT value
  8. Click Save
GoDaddy changes can take 1-48 hours to propagate.
Namecheap
Adding DNS Records:
  1. Log in to your Namecheap account
  2. Go to Domain List
  3. Click Manage next to your domain
  4. Go to Advanced DNS tab
  5. Click Add New Record
  6. Select TXT Record
  7. Enter the host and value
  8. Click Save Changes
Namecheap typically propagates within 30 minutes.
AWS Route 53
Adding DNS Records:
  1. Open the Route 53 console
  2. Go to Hosted zones
  3. Click on your domain name
  4. Click Create record
  5. Enter the record name
  6. Select TXT record type
  7. Enter the value in quotes
  8. Click Create records
Route 53 changes are usually live within 60 seconds.

Testing and Validation

DNS Propagation Check

After adding DNS records, it's important to verify they've propagated correctly.

Using Our DNS Checker:
  1. Go to our DNS Checker tool
  2. Enter your domain name
  3. Review the results for any issues
  4. Make corrections if needed
Command Line Tools:

For technical users, you can also check using:

  • dig TXT yourdomain.com (SPF)
  • dig TXT smarthost._domainkey.yourdomain.com (DKIM)
  • dig TXT _dmarc.yourdomain.com (DMARC)
Common Issues
DNS Record Problems:
  • Multiple SPF records: Combine into one record
  • Missing quotes: Some providers require TXT values in quotes
  • TTL too high: Lower TTL for faster propagation during setup
  • Syntax errors: Check for typos and proper formatting
Propagation Delays:
  • DNS changes can take 24-48 hours globally
  • Some ISPs cache DNS records longer
  • Use multiple DNS lookup tools to verify
If you're having issues, our support team can help verify your DNS setup.