BètaSPFWise is in bèta, en elke functie is gratis totdat deze eindigt. Meer informatie nadat u zich hebt aangemeld.
Handleidingen

Handleidingen voor e-mailauthenticatie

Praktische, no-nonsense handleidingen voor SPF, DKIM en DMARC. Los op wat kapot is en houd uw e-mail uit de spam.

dmarc

HubSpot Email Authentication: Connecting Your Domain with SPF, DKIM & DMARC

HubSpot sends your email from its own servers, so your DNS has to authorise it. This guide walks the connect-sending-domain flow record by record: the two DKIM CNAMEs, the return-path that makes SPF align on your own domain, why you usually leave your root SPF alone, and the DMARC policy that clears the Google and Yahoo bulk rules. Confirm every record resolves before you click Verify in HubSpot.

3 jul 20266 min lezen
dkim

Klaviyo SPF and DKIM Setup: Authenticate Your Sending Domain Correctly

Klaviyo does not want you to add its servers to your root SPF record. You point a branded sending subdomain at Klaviyo with CNAME records, and Klaviyo hosts SPF and DKIM for you. This guide gives the exact records for a Klaviyo branded sending domain, explains why a raw SPF include is a mistake, and shows how to add and validate the one record Klaviyo will not create for you: your DMARC policy.

3 jul 20267 min lezen
spf

Zoho Mail SPF, DKIM & DMARC Setup: Complete DNS Configuration

Zoho Mail needs three DNS records to pass authentication: one SPF record with include:zohomail.com, a DKIM TXT record enabled per domain in the admin console with Zoho's selector, and a DMARC policy you move from none to reject over a few weeks. This guide gives the exact records, the single-SPF-record rule, the correct DKIM selector, and a staged rollout you verify live.

3 jul 20267 min lezen
basics

SPF vs DKIM: What's the Difference and Do You Need Both?

SPF checks the sending server, DKIM signs the message itself. This guide settles the real question with a side-by-side comparison: you need both because forwarding breaks SPF while DKIM survives it, and Gmail, Yahoo and Microsoft now require both plus DMARC. Includes record examples and how to spot which one your domain is missing.

3 jul 20267 min lezen
dkim

DKIM CNAME vs TXT Record: Which Should You Use (and Why It Matters)

A DKIM public key always lives in a TXT record. A CNAME at your selector is just a pointer that delegates that TXT record to your email provider so they can rotate keys for you. This guide explains the real difference, gives a side-by-side of manual TXT control versus CNAME auto-rotation, covers nested-CNAME resolution gotchas, and shows how to check what actually resolves at selector._domainkey.

3 jul 20267 min lezen
dkim

DKIM Body Hash (bh=) Mismatch: Why It Fails and How to Fix It

A DKIM body hash mismatch means the message body changed after signing, so the bh= value no longer matches what the receiver computes. This guide explains the difference between the body hash and the header signature, walks through the usual culprits (footer appenders, link rewriters, MIME re-encoding, canonicalization), and gives you a raw-body compare method plus the golden rule: sign at the last content-changing hop.

3 jul 20268 min lezen
dkim

DKIM Key Rotation: How Often to Rotate Keys Without Breaking Mail

A practical DKIM key rotation guide: rotate every 6 months by default, every 3 months for 1024-bit keys, and monthly for high-value senders. Includes a zero-downtime dual-selector runbook, automated rotation with CNAME-hosted keys, and an emergency procedure for a suspected key compromise, all without bouncing legitimate mail.

3 jul 20267 min lezen
dkim

Multiple DKIM Selectors on One Domain: Signing for Google, SendGrid, Mailchimp and More

DKIM is designed for many keys on one domain. Each sending service publishes its own public key under a unique selector, so Google, SendGrid, Mailchimp and every other stream can sign mail independently. This guide maps the common selector conventions per provider, explains the one rule you cannot break, and shows how to verify every stream.

3 jul 20267 min lezen
dkim

DKIM Fails but SPF Passes: Why It Happens and How to Fix the Signature

When DKIM fails but SPF passes, the sending IP was authorized but the signature broke. This guide diagnoses the signature-level causes: body hash mismatch from list footers and forwarding, altered headers, missing selectors, truncated keys, and l= body-length quirks. Includes a symptom-to-cause table, a step-by-step verification loop, and how signature failures differ from DMARC alignment failures so you fix the right thing.

3 jul 20268 min lezen
basics

SPF, DKIM and DMARC Explained

The three records that decide whether your email is trusted or spoofed. What each one does, how they work together, and how to check yours.

2 jul 20266 min lezen
dkim

How to Set Up DKIM

DKIM signs your mail so receivers can prove it came from you. Here is how to generate the key, publish the record, enable signing, and confirm it works.

2 jul 20264 min lezen
dkim

How to Fix DKIM Alignment Failures

DKIM can pass while DMARC still fails. The reason is alignment. Here is what alignment means and how to make your signature match your From domain.

2 jul 20264 min lezen
VorigePagina 2 van 2