Excellent! Your explanation demystified this setup that's been illuding me for a week. By pausing your video as I went, I was able to setup the DMARC record and validate it. The first validation failed due to syntax error, which was a missing semicolon at the end. One additional suggestion I'd make is to check the "raw" DMARC code in the record created. The optional tags I didn't specify were set to "relaxed" rather than "strict" which didn't appear until I checked the raw coding. The "raw" coding included the default settings I didn't specify, which is where the issues were found.
When I add these for my Google Domain, it knocks my site offline. I can see using a tool that the spf, skim, dmarc are all setup correctly - but the nameserver settings for my website aren't working. However when I prioritize my name servers, then my workspace email settings don't work properly. Any ideas on what I could be doing wrong. A bit more info - my registrar is Google domains and my web host is through wix, using their name servers. Previously, I was using custom name servers (in google dns settings) but to setup my workspace properly (also through google) I used default name servers. Using default, I don't see an option (or don't properly understand) how to setup the name servers there. When I try I get an error, "cannot change ns records on the root domain with google domains name servers.". Any pointers?
Hi, It is not clear why/how someone could by-pass a domain SPF protection and dmark will fix that? Because dmark is more to get reports and notificaitons when someone tried to send on your domain name?
Does anyone know why companies hardly set these records up and when being confronted with it companies seem to not care. Even IT professionals seem to not care about their protection.
I was looking to see if you made that video for setting up DKIM but could not find it. I host my own mail server (Mercury Mail) and I found myself needing to configure this but with great difficulty. I really don't have any hair left to pull out lol
This is a great and very informative video. I have one problem/question through regarding the DMARC enforcement. You said set it to restrict, but my concern is that if someone in my organization sends and email from home rather than the office the message would be rejected by the recipient. Our SPF is set for Office365, plus some static IPs we have for our offices, so emails sent from home or a mobile device may fail with this setting on, correct?
No, it will be fine. The user's client wherever they are based will connect to your O365 mail infrastructure which will send the email on the client's behalf. Clients never send mail directly; the email is passed from client to mail server and then off to the internet to another mail server until it gets to its destination.
Thank you for the clear explanation. You said DKIM must be configured for DMARC to work, however, what I understood from my research, that you only need either SPF or DKIM (or both of course) for DMARC to work, but not necessarily both. What's your input on that?
That's correct, either SPF or DKIM should be aligned for DMARC to pass. However to improve on deliverability rate, it's better to have both. Also considers that only DKIM alignment will survive when email is forwarded.
Yes, please make a video about dkim!
nice and useful! please make a video about DKIM!
Clear explanation for all the terms, please make a video for the DKIM
Excellent! Your explanation demystified this setup that's been illuding me for a week. By pausing your video as I went, I was able to setup the DMARC record and validate it. The first validation failed due to syntax error, which was a missing semicolon at the end.
One additional suggestion I'd make is to check the "raw" DMARC code in the record created. The optional tags I didn't specify were set to "relaxed" rather than "strict" which didn't appear until I checked the raw coding. The "raw" coding included the default settings I didn't specify, which is where the issues were found.
When I add these for my Google Domain, it knocks my site offline. I can see using a tool that the spf, skim, dmarc are all setup correctly - but the nameserver settings for my website aren't working. However when I prioritize my name servers, then my workspace email settings don't work properly. Any ideas on what I could be doing wrong.
A bit more info - my registrar is Google domains and my web host is through wix, using their name servers. Previously, I was using custom name servers (in google dns settings) but to setup my workspace properly (also through google) I used default name servers. Using default, I don't see an option (or don't properly understand) how to setup the name servers there. When I try I get an error, "cannot change ns records on the root domain with google domains name servers.".
Any pointers?
Hi,
It is not clear why/how someone could by-pass a domain SPF protection and dmark will fix that?
Because dmark is more to get reports and notificaitons when someone tried to send on your domain name?
Awesome tutorial, sir! Super easy to follow and great explanation and recommendations.
This is now 2 years old. Any updates on SPF, DKIM, or DMARC
Does anyone know why companies hardly set these records up and when being confronted with it companies seem to not care. Even IT professionals seem to not care about their protection.
Yes, please make a video on dkim when hosting your own mail server
Do you know any online courses that teach and certify for this kind of tech?
Highly informative video. My concept of mailing is clear now. Thank you so much ❤️.
Please make video about DKIM. Thank you.
I was looking to see if you made that video for setting up DKIM but could not find it. I host my own mail server (Mercury Mail) and I found myself needing to configure this but with great difficulty. I really don't have any hair left to pull out lol
Very in-depth, thanks for the video. Any chance you might consider making a video just on ARC seals?
Brother can't thank you enough in words 🙏💕💕💕. You are a lifesaver. Instantly subscribed
Skim video would be great
Please make a video about DKIM
Thanks a lot for your video. Please explain the process of creating these records for using my hosting servers as my mail server too.
This is amazing!
Love your content! But we are still hopeful that you will post the DKIM video!
please have a tutorial done for detailing the dmarc,dkim, spf records within the bind configuration files
thank you for your video.
thanks for your video
This is a really excellent explanation with details of TXT record, thank you!
Hi, can you indicate how this can be done on Webmin?
Am using MDaemon as an email service
sir What is difference between SPF alignment and SPF Authenticate.
NICE ONE! Do you know much about AADC sync?
You are awesome! Explained to the "T" and granular to the last detail.
Your videos are very informative. Can you make detailed videos on dkim record
Thank you for the crystal clear explanation video.
I need the DKIM video because I want to host my own please
Thank U.
how do you set it up?
Meant dkim video
Thank you very much, very good video
Big thanks for this very informative video.
would like to know how to create DKIM
Great 👍 keep making such good videos
thanks a lot, please do more videos.
Thank you very much, very good video ❤
Now I understand this better.
Thank you for the great lesson!
Cool video. Thank you!
This is a great and very informative video. I have one problem/question through regarding the DMARC enforcement. You said set it to restrict, but my concern is that if someone in my organization sends and email from home rather than the office the message would be rejected by the recipient. Our SPF is set for Office365, plus some static IPs we have for our offices, so emails sent from home or a mobile device may fail with this setting on, correct?
No, it will be fine. The user's client wherever they are based will connect to your O365 mail infrastructure which will send the email on the client's behalf. Clients never send mail directly; the email is passed from client to mail server and then off to the internet to another mail server until it gets to its destination.
Good video nicely done.
please make a video about dkim!
Just what I needed, thank you
The aspf tag has a default as strict or relaxed?
good attention, relaxed. he wrote relaxed but said strict
thank you very much
very helpful, clear explanation.
thank you so much !
Thank you for the clear explanation. You said DKIM must be configured for DMARC to work, however, what I understood from my research, that you only need either SPF or DKIM (or both of course) for DMARC to work, but not necessarily both. What's your input on that?
That's correct, either SPF or DKIM should be aligned for DMARC to pass. However to improve on deliverability rate, it's better to have both. Also considers that only DKIM alignment will survive when email is forwarded.
Thank you Emaud.
Great explanation!
Crystal clear. Thank you
wow, Thanks
GREAT tutorial. Complete novice here. You explain it perfectly and clearly. THANK YOU
Hi bro
Good job!
GREAT EXPLANATION AND FINALLY AFTER WATCHING YOUR VIDEO GOT IT TO WORK. I HAVE BEEN AT IT FOR LAST 3 days.
Now THAT's how you TEACH! Super helpful Emad. Thanks so much. Excellent explanations