Categories

10Analytics
Analytics (1)
3Captavi Release Notes
Captavi Release Notes (3)
2Captavi Support Tips
Captavi Support Tips (8)
7Data Science
Data Science (1)
5Email Marketing
Email Marketing (3)
6Marketing Automation
Marketing Automation (5)
8Marketing Technology TCO
Marketing Technology TCO (1)
1Personas
Personas (2)
4Time-Saving Marketing Tips
Time-Saving Marketing Tips (3)

Archives

201805May1
May 2018 (1)
201712December2
December 2017 (2)
201711November1
November 2017 (1)
201710October1
October 2017 (1)
201709September1
September 2017 (1)
201708August1
August 2017 (1)
201706June2
June 2017 (2)
201704April1
April 2017 (1)
201702February3
February 2017 (3)
201701January1
January 2017 (1)
201608August1
August 2016 (1)


15https://www.captavi.com/blog/2017/02/secure-email-setup-process-updated-2017
secure-email-setup-process-updated-2017
Posted by: Poster Avatar Captavi Support   |    02/18/2017 09:55 AM

Setting up secured emails

Historically, the process for establishing a secured link between a domain name and an email provider has been pretty loose. In the past decade, the process has been refined and now we have a very clear path for establishing a connection between these two parties. The first thing you will to do is gain access to your domain provider or name server provider. We are going to need to update several DNS records to get everything into place. If you are uncomfortable with DNS records feel free to reach out to your support contact at Captavi to have this completed for you.

Emails

Sender Policy Framework (SPF) Records

Commonly referred to by their abbreviation the SPF record. Previously this was its own record type at the DNS level. This has since been deprecated. You will now utilize TXT records to store SPF data. A typical format for a TXT record containing SPF information would be the following:

v=spf1 include:email-od.com ~all

If you use google mail as your email provider you'll need to merge the two TXT SPF records into one record.

This is as simple as adding a second "include:" to your string. An example could be: 

v=spf1 include:email-od.com include:spf.protection.outlook.com  ~all

It is important to note that you will NOT wish to copy the above outlook example. Google and Outlook may have updated SPF requirements. It is always best to determine the latest requirements directly from their documentation. Be certain to have the following properly integrated into your record:

include:email-od.com

DomainKeys Identified Mail (DKIM) Authorization

Each and every message that processes through the Captavi Platform is automatically signed with a DKIM signature that authenticates email-od.com as the point of origin for your messages. This allows every message processing on our platform to properly authenticate at the major service providers. No action is required for DKIM authentication to occur, however, you have the option to customize DKIM signing with your own domain.

If you choose to utilize your own domain you'll need to create a CNAME entry at the DNS level. The CNAME entry for "example.com" would be as follows:

dkim._domainkey.example.com CNAME IN dkim._domainkey.email-od.com
Once you have this completed, you'll need to notify a member of our team via the support ticketing system. That team member will run our internal validation tools on the record to authorize our email domain to utilize your domain name when sending your emails to your customers.

 

 

Imac

DMARC Policy

Domain-based Message Authentication, Reporting, and Conformance for short DMARC is the pinnacle of security and authentication. It involves another layer of rigor for establishing this level of compliance. Adding a valid SPF record to your domain that includes the Captavi platform (email-od.com) is a best practice. It is not enough to achieve a passing SPF result for DMARC. DMARC at the "relaxed" level requires that the organizational domain used in both of the two "From" addresses are matching. For example, the from address in the email marketing tool is [ @example.com ], then your reply address also needs to use an email address like [ @example.com ] or a subdomain such as [ @bounces.example.com ].

To help Captavi customers achieve passing SPF records that meet DMARC requirements we offer a feature called Custom Bounce Domains. This allows you to white-label the domain portion of the VERP address used in message delivery. If you would like to pursue DMARC Policy compliance please submit a ticket to the Captavi Support team for assistance.