The Ultimate Guide to setting Up DNS Records for Improved Cold Email Delivery

4 min read

a blue button with a white envelope on it
a blue button with a white envelope on it
The Ultimate Guide to setting Up DNS Records for Improved Cold Email Delivery

Introduction

Learn how to set up DNS records to improve your email delivery and keep your sender reputation strong. This guide explains the important settings like SPF, DKIM, DMARC, and MX records, to make sure your cold emails get to the right inbox.

1. Understanding Sender Reputation

Your sender reputation is important and decides if your emails go to the inbox or end up in spam. It's based on your IP and domain reputation, and where your emails are placed. Setting up DNS correctly is key to keeping a good sender reputation.

2. SPF (Sender Policy Framework)
SPF helps the recipient's email system verify that emails sent from your domain are legitimate and should be accepted. This verification is crucial for ensuring your emails land in the inbox, not in spam. Setting up an SPF record helps prevent imposters from sending emails that appear to be from you, protecting your reputation and ensuring your messages reach the intended recipients

  • How to set up SPF for Google Email:

    • Login to your DNS provider (e.g., GoDaddy) and navigate to Advanced DNS settings.

    • Add a new TXT record with the following details:

      • Type: TXT

      • Host: @

      • Value: v=spf1 include:_spf.google.com ~all

      • TTL: 3600 seconds

  • How to Set Up SPF for Microsoft Email:

    • Login to your DNS provider (e.g., GoDaddy) and navigate to Advanced DNS settings.

    • Add a new TXT record with the following details:



3. DKIM (DomainKeys Identified Mail)
DKIM adds an encrypted signature to your emails to help the recipient server verify that the email was indeed sent from your domain and is not a forgery.

  • How to Set Up DKIM for Google email:

    • Log in to your Google Workspace Admin console (admin.google.com) with an administrator account.

    • Go to ‘Apps’ > ‘Google Workspace’ > ‘Gmail’ > ‘Authenticate email’.

    • Select your domain > ‘Generate new record’. (If you already have an existing DKIM key, you might see the option to rotate or regenerate the key instead.)

    • Choose the DKIM key bit length. While 1024 bits is an option, Google recommends using 2048 bits for enhanced security.

    • Click "Generate." This action generates a public key. Google manages the corresponding private key automatically.

    • Log into your domain’s DNS provider and navigate to the section for adding or updating DNS records. Add a new TXT record using the DKIM details provided by Google. Ensure the record format is v=DKIM1; k=rsa; p=MIGfMA0GCSqG... (your actual public key will vary).

    • After adding the record, return to the Google Admin console. DNS changes may take up to 48 hours to propagate. Once you believe the DNS has propagated, return to the Gmail settings in the Admin console and click "Start authentication."

    • To verify that your DKIM TXT record is correctly set up, use external tools like MXToolbox. Go to mxtoolbox.com/dkim.aspx, enter your domain, and use the DKIM selector ‘google’.

  • How to Set Up DKIM for Microsoft email:

    • Log into the Microsoft 365 Admin Center (admin.microsoft.com) and sign in with an administrator account.

    • Navigate to Admin centers > Exchange > Protection > 'DKIM'

    • Choose the domain for which you want to enable DKIM and click on 'Enable' if DKIM isn't already enabled. If you do not have DKIM records already set up, Microsoft will prompt you to create them.

    • Microsoft will provide you with two CNAME records to add to your DNS hosting provider (where your domain's DNS settings are managed). These records link your domain with Microsoft's DKIM signing system.

    • Records will look something like this:

    • Log into your DNS hosting provider's admin panel and add the provided CNAME records.

    • DNS changes might take some time to propagate, usually up to 48 hours, so wait.

    • After verifying that the DNS records are correctly propagated, return to the Microsoft 365 Exchange admin center and ensure DKIM is enabled for your domain.


Use external tools like MXToolbox to verify that your DKIM setup is correct. You will need to enter your domain and the DKIM selector which is typically selector1 or selector2 as provided by Microsoft.

4. DMARC (Domain-based Message Authentication, Reporting, and Conformance)
DMARC uses SPF and DKIM to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing.

  • How to Set Up DMARC for Google & Microsoft emails:

    • Wait for 48 hours after configuring SPF and DKIM to ensure they have propagated fully.

    • Add a new TXT record in the DNS with the following:

    • The p=none policy instructs email receivers to not take any specific action on mail that fails the DMARC check, but to send reports to the email specified after rua=. This setting is recommended to start with to monitor how your emails are performing without affecting delivery.


5. Testing Your DNS Records
After setting up SPF, DKIM, and DMARC records, it's important to test them:.
Use tools like MXtoolbox.com and Mail-tester.com to ensure your records are correctly published and recognized by email servers.

Setting up DNS records correctly is not only crucial for improving email deliverability but also essential for building a trustworthy brand.

Follow this guide to ensure your cold emails perform as expected, leading to better engagement and conversion rates.

If you need any further help regarding Lead Generation or Sales, just send me a sentence at - Asif@BusinessMustHave.net