How to Set Up SPF and DKIM for Dedicated SendGrid Users

All email systems need to be able to recognise when an email is sent from an authorized source. This way, the receiver knows that the message is legitimate and not an impersonation attempt. SPF and DKIM both offer this protection. The first one verifies the servers and IPs that are allowed to send email for your domain, while the second one encrypts or digitally signs outgoing mail so that it can't be tampered with in transit.

When you set up SendGrid to send your emails from your domain, you may find there is a "via SendGrid" notice for the email in the recipient's mailbox, this is especially visible for Gmail users. This notice means you haven't authorised SendGrid to deliver emails for you, so the mailbox provider considers that sent from SendGrid instead of your brand. To authorise SendGrid to send emails for you, you need to set up SPF and DKIM for SendGrid. This is a process also known as email domain authentication.

Why Set Up SPF and DKIM for SendGrid?

1. Your emails are more likely to reach the inbox.
2. The "via SendGrid" notice is removed, and your emails are perceived as coming from your brand, instead of SendGrid.
3. Boosts user engagement, as the user is more likely to open the email.
   

How to Set Up SPF and DKIM for SendGrid

Set up SPF

You need to create a new SPF record or update your existing SPF record on your domain:

If you have no SPF record on your domain, simply publish the following SPF record on it:

 v=spf1 include:sendgrid.net -all 

If you already have an SPF record, simply insert  include:sendgrid.net  right before the terminating mechanism in that record.

For example, if your current SPF record looks like this:

 v=spf1 a -all 

update it to:

 v=spf1 a include:sendgrid.net -all 

Note:

As some domain providers (DNS) do not support an SPF record it is advisable to also use the TXT record type as well, or just TXT is SPF is not available.

Set Up DKIM

Log in to the SendGrid dashboard using your credentials.

Go to Settings > Sender Authentication > Authenticate Your Domain, choose your DNS host and click the Next button.

Enter the domain you want to authenticate (e.g. example.com), and click the Next button.

Now SendGrid has created 2 DKIM records for you, using selectors s1 and s2 respectively, as highlighted below:

Then publish these 2 DKIM records (outlined in green) for your domain in the DNS:

Now email domain authentication is set up for SendGrid.

• Related Articles

• How to Protect Your Web Forms from Spam

  Dealing with spam through your web forms can be both frustrating and disruptive. It’s important to understand why your forms might be targeted by spam to better protect your site without causing alarm. Generally, spammers use automated tools to ...

• How to Share Google Search Console Access: A Step-by-Step Guide

  Sharing access to Google Search Console is essential when collaborating with Push team members. This guide will walk you through each step to share access securely and efficiently. Step 1: Log into Your Google Search Console Account Go to Google ...

• Pre-order Deposit Payments

  Taking a pre-order deposit is a great way of ensuring your get the sale for incoming stock, but it does require that you keep on top of your orders and ensure you manage your incoming orders inline with the website pre-order deposit facility. Making ...