I’m currently in the process of building a SAAS application (SavvyIdeas) and am using Mailjet for both transactional and marketing emails. Email deliverability will be critical, so SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) authentication is essential.
SPF and DKIM authentication is implemented using TXT-type DNS records:
The SPF (Sender Policy Framework) record lists all the servers authorized to send emails on behalf of SavvyIdeas. A receiving email server can check the SPF record to verify that the server sending the email is authorized. The DKIM (DomainKeys Identified Mail): record is used to add a digital signature to outgoing emails which the receiving email server can uses to verify that the email came from SavvyIdeas.
Together these help prevent spammers and unauthorized parties from pretending to be SavvyIdeas and ensure that emails haven’t been tampered with, helping ensure that emails end up in user’s inboxes and not in the spam folders.
I’m using Namecheap for DNS, and Mailjet’s instructions for setting up the required DNS records do not work as specified, which flummoxed me for a while. It turned out that Mailjet’s instructions for creating the required SPF and DKIM records specify the wrong host values if you are using Namecheap:
- For the SPF record, Mailjet specify a value of
example.com.. For Namecheap DNS this should be@. - For the DKIM record,Mailjet specify a host value of
mailjet._domainkey.example.com.. For Namecheap this should bemailjet._domainkey.
Other domain registrars may vary, but I thought I’d blog about this as a reminder to myself and may give others a hint if they are also having trouble getting the SPF and DKIM values to validate for Mailjet.