Contact Us:

670 Lafayette Ave, Brooklyn,
NY 11216

+1 800 966 4564
+1 800 9667 4558

We know from our own experience that these acronyms may sound unfamiliar, or totally uninteresting, but we are here to tell you why it is of the utmost importance if you want to have better control over your email deliverability.

Having sent millions of cold B2B emails across all manner of verticals in recent years, we know first hand how much your deliverability and open rates will suffer if you don’t have your SPF & DKIM set-up correctly and optimised for cold outreach.

If you are suspecting that your emails are ending up in SPAM more often than not, or you are witnessing open rates between 5-10% then it is very likely that one or both of your DKIM/SPF records are incorrect.

No alt text provided for this image

Sender Policy Framework (SPF) is a security mechanism which helps to prevent unauthorized people from sending emails on your behalf. The mechanism is all about communication between Domain Name System (DNS) servers.

No alt text provided for this image

Before sending emails, every sender needs to choose the post office (server) from which those emails will be sent. Imagine for instance Alibaba as a sender’s post office from which the sender has to get approval for their email.

In order to get this approval, 2 documents will be requested from Alibaba.

1. SPF — Approves Alibaba as the sender’s post office (server).

2. DKIM — Contains the recipient’s unique signature.

Then, the sender needs to keep a copy for themselves and share a copy with the government.

The government, in this case, represents anything that is publicly available on the internet.

DKIM (Domain Keys Identified Mail)

This verifies that the content of the messages is reliable, meaning that they weren’t tampered from when the message left the initial mail server.

Once again, the owners of the domain add a DNS entry with the public DKIM key which will be used by receivers to verify that the message signature is correct.

What the above means is, after the mail is sent, it’s delivered to the Recipient’s post office where they check if the mail is sent from an approved post office and if the sender’s address and signature have changed.

DMARC (Domain-based Message Authentication, Reporting and Conformance)

This is a clear policy enabling SPF and DKIM. If one, or both, of the SPF and DKIM checks are aligned with the DMARC policy, then the check is considered successful. Otherwise, it fails.

What the above means is, the recipient’s post office checks if the documents are aligned with their policy (DMARC Policy). If everything looks accurate, the document report is considered successful and mail is delivered to the recipient.

If the sender doesn’t have documents from an approved post office set up in the right way, the recipient’s post office can decide not to send mail to the recipient’s mailbox (it will be sent to the spam folder).

It is essential that SPF and DKIM are set up correctly as they can directly improve your email deliverability!

Okay, Now Let’s Get Into The Technicalities Shall We?

How to set SPF on your server?

The general idea is to make sure all applications that send emails on your behalf (and are using their own Simple Mail Transfer Protocol (SMTP), not yours) are included in your SPF. For instance, if you’re using Google Apps to send emails from your domain, you should put Google in your SPF. Follow Google’s Instructions on how you can do this.

But it’s important to make sure if Google is the only app that you should “allow” in your SPF. For instance, we’re using our own email automation platform to manage our outbound emails. But do we include it in our SPF? No.


Our Email Automation uses our SMTP to send our emails, so it’s more of an online email client with superpowers rather than a mass email sending app.


Setting SPF and DKIM will help you protect the good reputation of your domain, and thus improve the deliverability of your emails.

First Steps?

Firstly, check what your current SPF is. How? Use the two tools listed below;

Now type in your domain (for instance we would type in, and the tools will return test results to show your current SPF, or notify that it has not been done yet.

Next Steps?

Take our word for it, preparing a step by step tutorial for this, is challenging because this is set up in the administrative console of your domain. Basically, writing in a well-crafted and structured line of text in the right place in the console will get the job done!

Let’s just say, you are using Google Apps to send all emails from your domain, then the line would look something like this:

“v=spf1 ~all”

However, when using more apps, expect the line to get a bit longer, because all the other apps will have to include.

Our recommendation? Ask a techy for some help. They will formulate the text and will quickly find the right place to paste it.

How to set DKIM on your server?

For this, you need to generate a public key.


Log in to your email provider’s admin console. Note, the next steps may differ depending on your email provider. For example, Google Apps email users, on default the DKIM signatures are turned off, which will manually have to be switched on in the Google Admin console.

Once you have the public key, take the generated text record and paste it in the right place into your DNS records.

Finally, turn on email signing to start sending emails including your signature encrypted with your private key.

Too Much?

Again, ask someone techy for some help with this. They will know or quickly find out how to generate the key and where to set everything up to make DKIM work properly for you.

Let’s End It Here

The reputation of your domain is crucial and if you’re sending lots of emails, getting blacklisted or emails ending up in spam is not an option. Setting up everything may seem complicated, but trust us, at the end of the day, it’s worth the effort!

Still unsure your DKIM & SPF set up should be…?

Well, if you are interested in ramping up your B2B cold email outreach and lead gen, then you will be pleased to know that we run SPF/DKIM checks on behalf of all our new clients, advising them of the exact set up they need, as part of our onboarding process, well before any outbound emails are sent.

After all, it’s critical for maximum deliverability, open and response rates.

Once you get them set up correctly, you will see the difference in your deliverability almost instantaneously.

If you have any questions feel free to ask us for help : Managing Director @ Rocket by E&S

If you want more tips on how to improve your cold email open rates, whether it’s subject lines or from lines then – do periodically check out our blog.

Leave a comment

Your email address will not be published. Required fields are marked *