If you're using Salesforce to send emails, it's essential to consider SPF, DKIM, and DMARC settings to ensure they're delivered correctly.
In this guide, we'll review each authentication method and provide some guidelines for implementing SPF and DKIM policies in Salesforce .
Email Authentication Definitions
DMARC (Domain-based Message Authentication, Reporting, taiwan cell phone number and Conformance): was created to empower domain owners to control their email domain and prevent unauthorized use (email spoofing). This protocol tells receiving email servers how to handle emails coming from the company's domain.
DKIM (Domain Keys Identified Mail): is a protocol that allows a company to assume responsibility for the transmission of a message by signing it , allowing its verification by mailbox providers. Therefore, DKIM requires a public key in the DNS, and the recipient's email server uses this information to accept emails with the corresponding private key.
SPF (Sender Policy Framework) - This is an email authentication technique used to prevent spammers from sending messages on behalf of your domain. Similar to DKIM settings, SPF will require you to add their records to your DNS to authorize Pardot or Salesforce to send emails from your company's own domain.
These protocols were initially created as a measure to strengthen the security of the Simple Mail Transfer Protocol (SMTP) and address the rise of spam, as SMTP itself lacks authentication mechanisms. Each of these protocols has its own configuration and must be implemented and verified before sending emails from each platform.
How does email authentication work?
SPF is responsible for confirming that the email is sent from an authorized sender , while DKIM authenticates the email by comparing and validating the public and private keys.
Salesforce Email Authentication
Why is it advisable to implement authentication protocols?
There are multiple reasons why we should implement such protocols: