How to configure SPF, DKIM, and DMARC records for Brevo?
By now, you probably know enough about authenticating your email-sending domain and its numerous benefits. The first and perhaps the most important one being how it protects your organization from falling prey to pervasive cybersecurity attacks like phishing, ransomware, malware, spoofing, etc. Apart from this, configuring your sender domain with SPF, DKIM, and DMARC helps you uphold your brand’s reputation among your clients, stakeholders, and mail servers. It also plays a crucial role in enhancing email deliverability and the effectiveness of your email marketing campaigns.
Looking at the benefits of these email authentication standards, it only makes sense to adopt them for your organization. In fact, if you haven’t yet enforced SPF, DKIM, and DMARC for your domain, it is high time you do because Google and Yahoo have now made it mandatory for organizations sending more than 5,000 emails every day to comply with these authentication protocols. Even if you rely on a CRM platform, like Brevo, to send out your marketing emails, you need to authenticate your domain.
In this article, we will look at how to set up SPF, DKIM, and DMARC records, which are prerequisites for any email authentication strategy, particularly when using a platform like Brevo (formerly Sendinblue).
Sending emails using Brevo
Brevo (formerly Sendinblue) is a powerful CRM platform that allows you to manage email marketing campaigns efficiently. Speaking of effective management of your email campaigns, it is incomplete unless you authenticate your domain. This is why setting up SPF, DKIM, and DMARC records for authenticating your domain is very important to ensure that your emails land in the inboxes rather than the spam folders of recipients. It also improves deliverability and protects your brand from cyber threats such as phishing and spoofing.
In Brevo, domain authentication is not only a way to enhance the deliverability of emails but also to ensure that your organization meets the industry standards set by major email providers like Google and Yahoo. If not properly authenticated, it can result in blocking or flagging your emails, critically bringing down your marketing efforts.
Adding an SPF record in Brevo
While SPF is the first step in any email authentication strategy, this is not the case with Brevo. Since Brevo does not have the provision to manually set up SPF, you do not need to configure an SPF record in the CRM platform. This is because, with Brevo, the internal servers do the job of checking the SPF on the Envelope Sender, which negates the need for authorizing your email sending domains.
However, if you do try to implement your SPF record in Brevo by updating your DNS with “include:spf.sendinblue.com,” the SPF authentication will inevitably fail. This happens because, in this case, the Envelope From sender domain will not match the From: domain.
Moreover, another reason Brevo spares you the hassle of implementing an SPF record is by offering you assistance in configuring DKIM, which is just what you need for DMARC enforcement. To activate DMARC, you need either SPF or DKIM; if you have both, it’s well and good, but if you have even one of them, your DMARC enforcement will work just fine. This means that you can easily skip SPF implementation and move on with DKIM and DMARC.
Getting started with email authentication in Brevo
To authenticate your emails with Brevo, you will first need to add your domain to the platform.
Log into your Brevo account, then go to Senders, Domains, and Dedicated IPs > Domains. Click “Add a domain”, and fill in your domain name—for example, company.com—then finally, “Save this email domain.”
With your domain added, you can authenticate it using Brevo’s DKIM and DMARC records.
Adding a DKIM record in Brevo
Coming to DKIM records, they can be added to your Brevo by following one of the two ways— manually or automatically. Let us take a look at both of them:
Automated DKIM implementation
Considering your plan includes automated authentication, log in to your account in Brevo.
- Choose “Authenticate automatically” and confirm it by clicking “Continue” on the box that pops up.
- Enter your domain host’s credentials and click “Continue”
- With automatic setup, Brevo does all of this for you: Your DKIM records are added directly to your domain host, so you don’t have to update your DNS manually
Manual DKIM implementation
If Auto Setup is not available for your plan or if you want to set up your DKIM manually, here are the steps to follow:
- Log in to your Brevo account
- Copy the DKIM TXT record given by Brevo
- Now log into your DNS management console and add this record
- After adding the record, click “Save” in Brevo
Keep in mind that it might take some time to reflect the changes in your DNS. Once done, the DKIM authentication will be complete for Brevo.
Adding a DMARC record in Brevo
Just like DKIM, you can manually or automatically add a DMARC record to Brevo. Here’s how:
Automated DMARC setup
Log in to your Brevo account.
Click “Authenticate automatically,” then click “Continue”.
Enter the credentials of the domain host and press “Continue.”.
Using an automated setup, Brevo will add your DMARC record to your domain host automatically. Hence, no manual DNS update is required.
Manual DMARC setup
If your plan does not support automated setup or you prefer manual DMARC configuration, follow these steps:
- Sign in to your Brevo account.
- Brevo will provide you with the DMARC TXT record. Copy this record.
- Open your DNS management console and add this record.
- After adding the record, click “Save” in Brevo.
Now that you have added both DKIM and DMARC records, all that’s left to do is verify them. You can do this by clicking on “Authenticate this email domain” at the bottom of the domain authentication page. By doing so, you are making sure your emails are properly authenticated while they are being delivered and that your domain is well-protected from usage.
Need help implementing email authentication protocols for your domain? Get in touch with us to get started with the enforcement process!