Email Authentication (SPF / DKIM / DMARC)
Also known as SPF DKIM DMARC · Email DNS records
DNS records that authenticate your outbound email so mailbox providers can verify it is genuinely from your domain.
What it is
SPF lists which servers may send for your domain, DKIM cryptographically signs messages, and DMARC tells receivers how to handle mail that fails those checks and where to send reports. Together, published as DNS records, they authenticate email from your sending domain.
Why it matters
Without these records, messages from your contact forms, transactional systems, and newsletters are far more likely to be spoofed or land in spam, and providers like Gmail and Yahoo now require them for bulk senders. Reliable delivery protects brand trust and the conversions that depend on email.
How to verify
Query DNS for the relevant TXT records (SPF at the root, DKIM at selector._domainkey, DMARC at _dmarc) using dig, nslookup, or a checker like MXToolbox. Send a test message to a Gmail account and inspect 'Show original' to confirm SPF, DKIM, and DMARC pass.
How to fix
Publish an SPF TXT record covering all legitimate senders, enable DKIM signing at your email provider and add its public key, then add a DMARC record starting at p=none to monitor before enforcing. Review DMARC aggregate reports and tighten the policy to quarantine or reject once aligned.
Related terms
- Contact Form SubmitsThe live contact form actually delivers a message end-to-end, reaching and routing to the right inbox.
- Certificate ValidityThe site's TLS certificate is valid, trusted, and not close to its expiry date.
- HTTPS with HSTSServing every page over HTTPS encrypts traffic, and the HSTS response header forces browsers to use HTTPS for all future requests to the domain.
- Legal Pages PresentPrivacy Policy, Terms of Service, and a Cookie/consent page are published and linked, typically from the footer.
Official references
External, opens in a new tab.
Put this into practice.
Work through every check by hand and turn it into a shareable GEO Score report — or scan your site automatically in seconds.