A complete guide on how to set up and configure SPF, DKIM & DMARC for Google workspace.
In this guide, we will go over how to configure and set up SPF, DKIM, and DMARC for your Google workspace and why it is important. We will try to avoid details on how SPF, DKIM & DMARC work but will provide necessary information on how and why to set them up.
Before we start it is important to note that SPF, DKIM, and DMARC are all TXT records on your DNS and hence publicly available. So you wouldn't want to enter any information like a personal email address that you'd otherwise want to keep private.
Why should you set up this?
SPF, DMARC & DKIM are records that are used to validate if emails actually came from you and that they haven't been tampered with.
SPF (Sender Policy Framework):
This publicly announces the IPs allowed to send emails. A way of saying; "email is from me if it was sent from these IPs".
For SPF, create a DNS record pointing to:
v=spf1 include:_spf.google.com ~all
Here is an example, only that this one is for Zoho. It should look like this when you are done. Murlist.com, as in the example below, should be your domain instead.
DKIM (Domain Key Identified Mail)
Domain Key Identified Mail (DKIM) is used to allow the receiver mailbox to verify that the email you sent hasn't been tampered with in any form. This is important in making sure it wasn't maliciously changed in transit. Unlike SPF, DKIM is unique for each account. Chances are you already have this one set up in the initial configurations.