The Guide to Setting Up SPF, DKIM, and DMARC for Improved Email Deliverability on Shared Hosting

Learn how to improve your email deliverability on shared hosting with SPF, DKIM, and DMARC. Step-by-step guide for beginners.

shared-hostingspfdkimdmarcemail-deliverability

Why are SPF, DKIM, and DMARC important?

When you send emails from your shared hosting website, they often land in the spam folder or are not delivered at all. This is because email providers like Gmail or Outlook use strict authentication methods to prevent spam and phishing. With the three technologies SPF, DKIM, and DMARC, you can prove that your emails are legitimate. This significantly improves your delivery rate.

What is SPF?

Sender Policy Framework (SPF) specifies which servers are authorized to send emails on your behalf. You create a TXT record in your DNS zone listing the allowed IP addresses or hostnames.

How to set up SPF:

  • Log in to your DNS manager (e.g., cPanel).
  • Add a new TXT record.
  • Set the name to @ or your domain.
  • Enter a value like: v=spf1 include:_spf.google.com ~all (example for Google Workspace). Adjust the include values to your email provider.
  • Save the record. Propagation may take up to 48 hours.

What is DKIM?

DomainKeys Identified Mail (DKIM) adds a digital signature to the email header. Your mail server signs the email with a private key, and the receiving server verifies the signature using a public key published in your DNS.

How to set up DKIM:

  • Generate a DKIM key pair in your email service (e.g., cPanel).
  • You will receive a TXT record with a name like default._domainkey and a value like v=DKIM1; h=sha256; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQ....
  • Add this record to your DNS zone.
  • Enable DKIM in your mail server.

What is DMARC?

Domain-based Message Authentication, Reporting & Conformance (DMARC) builds on SPF and DKIM. It specifies how email providers should handle messages that fail the checks. You can instruct them to quarantine or reject, and you receive reports about the use of your domain.

How to set up DMARC:

  • Create a TXT record with the name _dmarc.
  • The value could be: v=DMARC1; p=quarantine; rua=mailto:dmarc-reports@yourdomain.com. The policy p can be none (monitor only), quarantine (move to spam), or reject (reject).
  • Start with p=none to collect reports, then tighten later.

Avoid common mistakes

  • SPF too strict: Use ~all (soft) instead of -all (hard) until you are sure.
  • DKIM key incorrect: Ensure correct formatting in the TXT record.
  • DMARC policy too strict: Start with p=none to test impact.

With these settings, you ensure that your emails are delivered reliably. If you are looking for a reliable web hosting provider that supports these configurations, check out our managed hosting packages.