How to add SPF and DKIM


Emails sent by client are being tagged as spam.


  • Gmail


Enable Sender Policy Framework (SPF)
  1. Login to your DNS dashboard in your domain host.
  2. Add the following record to your domain:
    • Type: TXT
    • Name/Host: @ or domain name or leave it blank
    • TTL: default or 3600 seconds
    • Value:
       v=spf1 ~all

Generate DomainKeys Identified Mail (DKIM) record

  1. Sign in to the Google Cloud console.
  2. Navigate to Apps > Select Google Workspace > click Gmail > Go to Authenticate email.
  3. In the Selected domain menu, select the domain where you want to set up DKIM.
  4. Click Generate new record.
  5. For DKIM key bit length select 1024.
  6. For Prefix selector, we recommend you use the default.
  7. Click Generate.
  8. Copy the DKIM values shown in the Authenticate email window.
Add DKIM to your domain host
  1. Go to your DNS settings in your domain host.
  2. Add a TXT record in your DNS Records and use the value generated in the Google Admin console.
    • Note: Wait for 48 hours before following the next step.

Turn on DKIM signing

  1. Sign in to the Google Admin console.
  2. Navigate to Apps > Google Workspace > Gmail > Authenticate Email.
  3. In the Selected domain menu, select the domain where you want to turn on DKIM.
  4. Click on Start Authentication. Process finishes when the status at the top of the page changes to: Authenticating email with DKIM.