Blog

Oct 25, 2024

Business
RevOps

How to Set Up DMARC, DKIM, and SPF for Cold Outreach with Gmail

WTF is DMARC etc, and how do I do this??

When setting up a new email domain with Gmail for cold outreach, it's essential to set up DMARC, DKIM, and SPF records to protect your reputation and boost deliverability. Here’s a quick guide to getting these records in place!


1. Why Set Up DMARC, DKIM, and SPF?

Without these records, Gmail may flag your emails as spam, especially if you're new to cold outreach. Here’s how each helps:

  • SPF (Sender Policy Framework): Tells email servers which IP addresses can send emails for your domain.
  • DKIM (DomainKeys Identified Mail): Adds a digital signature that authenticates your email as being from your domain.
  • DMARC (Domain-based Message Authentication, Reporting, and Conformance): Checks SPF and DKIM alignment and gives instructions on handling failed authentication.

These records work together to keep your emails trusted and prevent them from ending up in junk folders.


2. Setting Up SPF for Gmail

  1. Open Your DNS Settings: Go to your domain registrar (e.g., Namecheap, GoDaddy).

  2. Add a New TXT Record: Choose TXT as the record type.

  3. Set Up SPF Record for Gmail: Your SPF record will look like this:

    v=spf1 include:_spf.google.com -all

  4. Save and Wait: It can take 24 hours for DNS changes to propagate.


3. Setting Up DKIM for Gmail

  1. Open Gmail Admin Console: Go to admin.google.com.
  2. Generate a DKIM Key:
    • Go to Apps > Google Workspace > Gmail > Authenticate email.
    • Select your domain and choose Generate new record.
  3. Add the DKIM Key to Your DNS:
    • Google will give you a selector and a long DKIM key.

    • Copy these details, then add a TXT record in your DNS with the name format 

      selector._domainkey.yourdomain.com

      and paste the DKIM key as the value.

  4. Activate DKIM: Once the record is saved, go back to Gmail and click Start Authentication.

4. Setting Up DMARC for Gmail

  1. Add Another TXT Record in Your DNS:
    • Set the name to _dmarc.yourdomain.com.
    • Use this as the value:v=DMARC1; p=none; rua=mailto:[email protected]
    • The p=none policy is best for monitoring initially. You can adjust it later to p=quarantine or p=reject for stricter enforcement.
  2. Save and Monitor Reports: DMARC will send reports to your specified email, giving insight into any authentication issues.

Once these records are active...

Gmail will recognize your emails as authentic, which can significantly improve your deliverability. After a few weeks, you can adjust your DMARC policy for stricter enforcement, but there's really no need (unless you get a report that someone is trying to impersonate you). With these safeguards in place, you’re ready to reach out with confidence!