Request a Call
Online Chat
 
Knowledgebase: Product Updates
DNS Records (DMARC, SPF, DKIM)
Posted by Wes Zulu, Last modified by Dave Zulu on 14 January 2017 12:08 PM

Setting up DNS for DMARC and using your own brand. We recommend that the Return Path = delivery@edm.yourdomain.com. So you will need an MX DNS entry:

1. Set-up a new MX record

edm.yourdomain.com MX 10 pmta.zululabs.com

2.) Then you will need an SPF Record:

yourdomain.com TXT "v=spf1  ip4:202.43.3.0/24 ~all"

*Note if you have an existing SPF record simply add in ip4:202.43.3.0/24

3.) Then we need to issue you with a custom edm DKIM / domain 


DomainKeys Identified Mail (DKIM) provides validation for mail sent "from" a specific domain. Mail sent from our system is signed with a unique signature when being sent and when it’s received, the receiving mail server checks your DNS (Domain Name Server) and confirms the private signature with the key that you have placed on your DNS. The association acts like a digital signature which can be validated by recipients.

Your DKIM key must be generated by Zulu eDM.

To have your own DKIM key created for your account please send a request to support@au.zululabs.com with your account details and "Sender" domain name (e.g. if sending from clients@theedmfactory.com the domain name would be "theedmfactory.com").

**Please note that you will need access to add records to your DNS to be able to do this. If you are unsure if you have access contact your IT department or the compnay in which that manages the domain name you wish to modify.

Once requested we will send through a DKIM key that will look similar to the following:

Hostname = key1._domainkey.theedmfactory.com (note we have updated clients to use edm._domainkey not key1.)
   
Type = Text (TXT)
   
Entry = "k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDxJMrk8skdfhuo1xMfm9v9GtLcRHriMIU+LPbNM7M5RZSfgteOI8L86n5Z/wMH5CzNBfqhZtC7+a+W4YQE+wr1ATKp7eNDV0qhdYX
R3U7KWPkk9dye2Fq9gu/DIWD2qI4QCGKzRTqKi9fEhdvPrQCOWwlyTzffYtdZ7y7ZmXhpmQIDAQAB"

This needs to be added to your DNS as per the image below. Once complete your DNS settings should look like the following (please click the image to enlarge)

 

If you would like us to confirm if your DKIM is working correctly - please email us at support@au.zululabs.com with the domain name you have set up with the DKIM and we will check this for you. It can take 48 hours to update on your DNS so please take note of this when sending a request through.

4.) We recommend a Google Postmaster DNS entry. We will issue you this record.

5.) Finally (and when we tell you to) implement your DMARC entry: 

yourdomain.com TXT "v=DMARC1\; p=none\; rua=mailto:bkcujiga@ag.dmarcian.com\; adkim=r\; aspf=r\;"

A finished DNS would look like this:


TROUBLESHOOTING

Some registrar's do not allow certain elements in the host part of the TXT record which can cause some issues (e.g. underscores and character limits). This issue is on the registrars side and we suggest that you set up a secondary custom domain for your email sending using a DNS provider that allows what your current registrar does not. Or you can switch DNS providers completely or contact them to see if they have a possible solution for you.

Some registrars automatically add quotation marks around the key which can cause errors as there is duplicate quotation marks in the saved file. All you need to do is update the file and remove the quotation marks from the key above and save the key again. This should resolve the issue.

SPF Notes:

Each domain entry i.e. domain.com or edm.domain.com must only have one SPF record per domain. 

We have seen:
"v=spf1 a mx ip4:118.127.45.165 ip4:118.127.46.56 ip4:202.43.3.0/24 include:sharepointonline.com include:spf.protection.outlook.com -all"
What you should have:
"v=spf1 ip4:118.127.45.165 ip4:118.127.46.56 ip4:202.43.3.0/24 include:sharepointonline.com include:spf.protection.outlook.com -all"

CPANEL DNS NOTES

The TXT Record should read (and it does on the cPanel): 


k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWCSjHqj4N3D1ZRILbOOZ3WcwhUAYoqmMpFf3xUxQKpX31D857cSLjJOQY4gUlF/wBiILSWy65ynL9ddbNNQ/slLiJ6+0rVlHcYJeh74F6FOUFmpnNNSRhXLH/0zGnE+JFsVxrPVJhhoSwboxKZsUXlcYDcuVg22K4KvPZ+IjTlwIDAQAB

However it is adding an extra \ in and causing issues.
See here: https://www.dnswatch.info/dns/dnslookup?la=en&host=edm._domainkey.cullenwines.com.au&type=TXT&submit=Resolve

It comes up as:

k=rsa\\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWCSjHqj4N3D1ZRILbOOZ3WcwhUAYoqmMpFf3xUxQKpX31D857cSLjJOQY4gUlF/wBiILSWy65ynL9ddbNNQ/slLiJ6+0rVlHcYJeh74F6FOUFmpnNNSRhXLH/0zGnE+JFsVxrPVJhhoSwboxKZsUXlcYDcuVg22K4KvPZ+IjTlwIDAQAB



The \ is actually there to uncomment the preceding ; character. Which gets added automatically in cPanel so no need to add your own (that's why its doubling up).

We've removed the \ symbol and it now shows correctly in lookups (with a single \). Please allow up to 4 hours for the DNS to propagate.

;; ANSWER SECTION:
edm._domainkey.cullenwines.com.au. 3599 IN TXT "k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWCSjHqj4N3D1ZRILbOOZ3WcwhUAYoqmMpFf3xUxQKpX31D857cSLjJOQY4gUlF/wBiILSWy65ynL9ddbNNQ/slLiJ6+0rVlHcYJeh74F6FOUFmpnNNSRhXLH/0zGnE+JFsVxrPVJhhoSwboxKZsUXlcYDcuVg22K4KvPZ+IjTlwIDAQAB"

If you have any further questions or inquiries please let me know.

In every lookup I perform it shows up without the \
"k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWCSjHqj4N3D1ZRILbOOZ3WcwhUAYoqmMpFf3xUxQKpX31D857cSLjJOQY4gUlF/wBiILSWy65ynL9ddbNNQ/slLiJ6+0rVlHcYJeh74F6FOUFmpnNNSRhXLH/0zGnE+JFsVxrPVJhhoSwboxKZsUXlcYDcuVg22K4KvPZ+IjTlwIDAQAB"

 

(0 vote(s))
Helpful
Not helpful

Comments (0)

Copyright Zulu Labs Global Pty Ltd, 11 William St Cremorne VIC, Australia 3121. Ph +61 3 9001 1590