There are some important NS (name-server) and DNS records that services like Gmail use to determine if a server is authorised to send email or not. Get these wrong or don’t include them and the emails you send may well be heading to the spam bin, if they are even accepted by the email service.
This article gives you an overview of what the essential records that affect email delivery are.
Note: Due to the risks involved if you make a mistake changing DNS or Name Server records (your website might not be accessible and you might not be able to send or receive emails) we strongly advise that you get your hosting company or a suitable professional to make the changes.
These essential records are:
This is arguably the most important setting that you need to check and make sure it is correctly configured. Many e-mail servers on the Internet are configured to reject incoming e-mails from any IP address which does not have reverse DNS where the hostname of the server matches the rDNS. Normally it is your Internet service provider (ISP) who must point (or “sub-delegate”) the zone (“….in-addr.arpa”) to your DNS server. It is very rare that a user has the privileges to make rDNS changes or updates
Reverse DNS (rDNS) is an IP-address-to-domain-name mapping (the opposite of DNS, which maps domain names to IP addresses).
A special PTR-record type is used to store reverse DNS entries. Technically, the PTR-record for example.com is “18.104.22.168.in-addr.arpa”
An SPF (Sender Policy Framework) record is a type of DNS zone record that identifies which mail servers are permitted to send email on behalf of your domain. SPF is implemented using TXT records.
Further information about SPF records and how to configure them can be found at http://www.openspf.org/SPF_Record_Syntax
Google also has a helpful overview and insights here: https://support.google.com/a/answer/33786?hl=en
Remember, your hosting company will (or at least should) be able to help you set this up. Out of the essential records on this page, this is the one you can do your self … if you want 🙂
DKIM (DomainKeys Identified Mail) is an authentication mechanism to help protect both email receivers and email senders from forged and phishing emails. Unlike SPF, DKIM must be configured on your server’s Mail Transfer Agent (MTA), so that your mail can be signed as well. This means that in most cases your hosting company will need to set this up for you if it isn’t already.
There’s no agreed best method for email authentication and because there are pros and cons for each, you can’t assume that all mail servers will use the same one. It’s best to employ both all of them.
To check if your domain name and DNS records are using SPF, DKIM and to see if your rDNS is configured you can use one of the following free checking services: