1. Home
  2. Messaging / Email
  3. SPF, DKIM and DMARC
  1. Home
  2. Domain names
  3. SPF, DKIM and DMARC



SPF aims to reduce the possibility of spoofing by publishing, in the DNSa TXT record indicating which IP addresses are allowed, or prohibited, to send mail for the domain in question.

Adding an SPF record

From your customer interface, add the following TXT record:

v=spf1 a mx include:spf.webmo.fr ~all

The field Name must remain empty.


DKIM (Domain Keys Identified Mail) allows the recipient to verify the authenticity of an e-mail, by comparing a cryptographic signature present in the headers of the received e-mail and in the DNS zone of the sender's domain.

Activating a DKIM signature

To obtain a DKIM signature, which will be automatically applied to all emails sent via your domain name, you must request it by ticket.
The corresponding DNS record will be applied automatically in the DNS zone of your domain name, or will be communicated to you if the DNS servers for your domain name are not managed by Nuxit.


DMARC (Domain-based Message Authentication Reporting and Conformance) is a system that allows email senders to do two things:

  • Specify what processing the destination server should do on emails sent by its domain name, if they have an SPF and/or DKIM defect. For example:

    "Refuse all mails coming from my domain, if the SPF is invalid, without even putting it in SPAM at the recipient's".

  • Request a report from destination servers, containing a list of e-mails received by a destination server, according to certain criteria.

With these two elements, it is possible to determine if e-mails are sent outside the desired framework, and to counter very effectively the problems of usurpation.

However, DMARC is not yet used on a very large scale because it is difficult to implement, especially in shared messaging infrastructures.

However, do not hesitate to contact our technical support for any feasibility study on your domain name.

Updated on 6 June 2023

Related Articles