Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Multiple SPF/DKIM on single domain?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Multiple SPF/DKIM on single domain?

rEDrED Member

Hi,

I have a domain configured and am going to send mails from it but also I've a email hosted from the same domain at zoho so there would be 2 SPF/DKIM records, one for mail server and another required by zoho.

So my question is will they work together? Will my deliverability hurt?

Comments

  • Why, specifically, do you need two? Just stuff the associated records together for the SPF, and make sure you setup your DKIM selectors properly.

    Thanked by 2rED Clouvider
  • DKIM has a selector so each provider will have their own DKIM records.

    SPF can contain multiple items in one record, so you just have to compose SPF to include both providers' IP information.

    Thanked by 1Clouvider
  • rEDrED Member

    @Letzien said:
    Why, specifically, do you need two? Just stuff the associated records together for the SPF, and make sure you setup your DKIM selectors properly.

    You mean in single TXT entry?
    how to separate the records?

  • For SPF, let's say provider A needs an SPF saying A's IP is good and everyone else is bad. Same as provider B. You just need to compose a SPF saying both A and B's IP are good and everyone else is bad.

  • Pretty much precisely what msg7086 said. Further (basic) DKIM selector info here: http://www.dkim.org/info/dkim-faq.html

    Thanked by 4eol rED Clouvider uptime
  • MrHMrH Member

    SPF: v=spf1 include:provider1 include:provider2 -all

    Idk for dkim

  • ClouviderClouvider Member, Patron Provider

    @MrH said:
    SPF: v=spf1 include:provider1 include:provider2 -all

    Idk for dkim

    Wut. It’s not necessarily that way. Without specific you can’t go further than what @Letzien and @msg7086 said

  • CrossBoxCrossBox Member, Patron Provider
    edited January 2019

    No need for multiple SPF/DKIM records.

    In your case all you have to do is change your SPF TXT DNS record:

    domain.com. IN TXT "v=spf1 +a +mx +ip4:1.1.1.1 +ip4:2.2.2.2 +ip4:3.3.3.3 ~all"

    For DKIM, no changes are needed because it's just a TXT DNS record populated with your key. If you're sending from multiple servers just make sure that your emails are signed with a key that matches the one that is in your DKIM DNS record.

    Also, don't forget to add the DMARC record which tells the receiving server what to do with an email which doesn't pass SPF/DKIM checks:

    _dmarc.domain.com. IN TXT "v=DMARC1; p=none; rua=mailto:[email protected]; sp=none; aspf=r; adkim=r"

    Thanked by 1MrH
  • rm_rm_ IPv6 Advocate, Veteran
    edited January 2019

    CrossBox said: No need for multiple SPF/DKIM records.

    Moreover, in case of SPF having multiple SPF-format TXT records just shitcans the whole thing entirely, i.e. is considered a fatal SPF failure by receivers. You must have a single TXT record in which to include all the rules that you need.

Sign In or Register to comment.