Summary
The compiled responses from various sources, including email marketers, experts, and documentation from Google, Microsoft, DMARC.org, and AuthSMTP, emphasize the importance of proper SPF and DKIM configuration, particularly when using multiple ESPs. While one Email Geeks source mentioned Google's guidelines stating only one of SPF or DKIM needs alignment, there's a strong recommendation for DKIM alignment. This involves configuring DNS records to include DKIM signatures matching the sending domain for each ESP, ensuring the 'd=' domain aligns with the 'From:' domain. Having each ESP set up separately with its own authentication (especially DKIM with unique keys) is crucial. Proper configuration is vital for DMARC compliance, verifying email authenticity, and preventing emails from being flagged as spam.
Key findings
- DKIM Priority: DKIM alignment is generally prioritized, ensuring email authenticity.
- Separate Configuration: Each ESP requires separate SPF and DKIM configurations.
- Unique Keys: Each ESP should be configured with DKIM using its own unique key.
- Alignment Verification: The 'd=' domain in the DKIM signature should align with the sending domain for each ESP.
- DMARC Compliance: SPF alignment is necessary for DMARC to pass SPF checks, and DKIM alignment is crucial for DMARC to pass DKIM checks.
Key considerations
- Deliverability Impact: Proper SPF and DKIM configuration significantly impacts email deliverability.
- Spam Prevention: Correct authentication prevents emails from being flagged as spam.
- Configuration Complexity: Setting up SPF and DKIM for multiple ESPs requires meticulous DNS record management.
- Domain Reputation: Failure to configure SPF and DKIM properly can negatively affect domain reputation.
- Authentication Standards: Establishing authentication standards like SPF, DKIM, and DMARC is vital.
What email marketers say
6 marketer opinions
The consensus among email marketers from various platforms like Mailchimp, SendGrid, Postmark, Stack Overflow, Reddit, and ExpertSender is that SPF and DKIM records must be properly configured and aligned for each email service provider (ESP) used. This involves creating separate SPF and DKIM records for each ESP and ensuring that the sending domain aligns with the domain in the 'From:' address and the DKIM signature.
Key opinions
- Separate Authentication: Each ESP requires its own separate SPF and DKIM setup.
- DKIM Alignment: The 'd=' domain in the DKIM signature must align with your sending domain for each ESP.
- SPF Configuration: SPF records should include statements for each ESP being used.
- Domain-Specific Records: If sending from multiple domains, each domain requires its own SPF and DKIM records.
- DMARC Alignment: DMARC alignment with DKIM ensures the domain used to sign the email matches the From header.
Key considerations
- Deliverability: Proper SPF and DKIM alignment is crucial for optimal email deliverability.
- Domain Verification: Verify that the sending domain aligns with the 'From:' address for each ESP.
- Spam Prevention: Correct authentication prevents emails from being flagged as spam.
- Configuration: Configure DNS records to include DKIM signatures that match your sending domain.
- Multiple Domains: When using multiple domains, each domain requires its own individual setup to ensure correct authentication.
Marketer view
Email marketer from Mailchimp Support shares that to properly authenticate email from Mailchimp, you should authenticate your sending domain using both SPF and DKIM. If you send from multiple domains within Mailchimp, each domain needs its own separate authentication setup. This ensures Mailchimp can send email on behalf of each of your domains.
22 Jul 2022 - Mailchimp
Marketer view
Email marketer from SendGrid Support explains that proper DKIM alignment involves configuring your DNS records to include a DKIM signature that matches your sending domain. When sending from multiple ESPs like SendGrid and others, each requires its own DKIM setup and you need to ensure that the 'd=' domain in the DKIM signature aligns with your 'From:' domain for each ESP.
25 Mar 2025 - SendGrid
What the experts say
5 expert opinions
The responses regarding SPF and DKIM alignment for multiple ESPs present a nuanced view. While one source indicates that Google's guidelines only require one of SPF or DKIM to be aligned, others strongly recommend DKIM alignment, especially when using multiple ESPs. It's highlighted that each ESP should be configured with DKIM using its own unique key, with the 'd=' domain in the DKIM signature aligning with the sending domain. Setting up SPF and DKIM separately for each ESP is also emphasized as essential for proper email authentication.
Key opinions
- DKIM Priority: DKIM alignment is generally prioritized over SPF alignment, especially to avoid potential issues.
- Unique Keys: Each ESP should be configured with DKIM using its own unique DKIM key.
- Alignment Verification: Verify that the 'd=' domain in the DKIM signature aligns with the sending domain for each ESP.
- ESP Separation: Authentication standards like SPF, DKIM and DMARC are setup seperately for each ESP, especially DKIM.
- Google Requirements: Google says that both SPF and DKIM must be present, but only one must align.
Key considerations
- Email Deliverability: Proper DKIM configuration is crucial for ensuring email deliverability and avoiding spam filters.
- Configuration Complexity: Setting up SPF and DKIM for multiple ESPs can be complex and requires careful DNS record management.
- Authentication Standards: Importance of setting up authentication standards like SPF, DKIM and DMARC.
- DNS Management: Managing DNS records for multiple ESPs requires careful attention to avoid errors.
Expert view
Expert from Word to the Wise discusses the importance of setting up authentication standards like SPF, DKIM and DMARC. It explains that each ESP needs to be setup seperately, especially DKIM.
19 Dec 2023 - Word to the Wise
Expert view
Expert from Email Geeks explains that having just SPF aligned is asking for trouble and it's better to have DKIM aligned. If you can have both aligned that’s perfect, but he cares a lot less about SPF once DKIM is aligned.
12 Dec 2022 - Email Geeks
What the documentation says
4 technical articles
According to documentation from Google, Microsoft, DMARC.org, and AuthSMTP, proper SPF and DKIM configuration is essential for email authentication, especially when using multiple ESPs. SPF alignment is crucial for DMARC compliance, requiring the 'MAIL FROM' domain to match the authorizing domain. DKIM verifies email authenticity, necessitating a unique DKIM configuration for each domain when using multiple sending domains or ESPs. DMARC relies on DKIM alignment, ensuring the signing domain matches the 'From:' header. Each ESP should have separate SPF and DKIM configurations due to unique sending IPs and DKIM signing keys.
Key findings
- SPF Alignment for DMARC: SPF alignment is necessary for DMARC to pass SPF checks.
- DKIM for Authentication: DKIM is critical for verifying the authenticity of emails.
- Multiple ESPs: When using multiple ESPs, each domain requires its own DKIM configuration.
- DMARC and DKIM Alignment: DMARC requires DKIM alignment, ensuring the signing domain matches the 'From:' header.
- Separate Configurations: Each ESP needs separate SPF and DKIM configurations.
Key considerations
- DMARC Compliance: Proper SPF and DKIM alignment are essential for DMARC compliance.
- Email Authenticity: Correct DKIM configuration ensures emails are authenticated, preventing them from being marked as spam.
- Configuration Complexity: Setting up SPF and DKIM for multiple ESPs requires careful attention to detail.
- Domain Reputation: Failing to properly configure SPF and DKIM can negatively impact domain reputation and deliverability.
- Sending IPs and DKIM Keys: Each ESP has unique sending IPs and DKIM signing keys that need to be properly configured.
Technical article
Documentation from DMARC.org explains that DKIM alignment checks if the domain used to sign the email (d= tag in the DKIM signature) matches the domain in the 'From:' header. For DMARC to pass DKIM, there must be a match or a subdomain relationship. When using multiple ESPs, ensure each uses DKIM signing with a domain aligned with your organizational domain.
24 Dec 2023 - DMARC.org
Technical article
Documentation from Google explains that SPF alignment (also known as SPF Hardfail) is important for DMARC. It is achieved when the domain used in the 'MAIL FROM' or 'Return-Path' address matches the domain that authorized the sending server in the SPF record. This is necessary for DMARC to pass SPF checks.
14 Dec 2022 - Google
How do SPF, DKIM, and DMARC email authentication standards work?
Are SPF, DKIM, and DMARC as important in B2B as in B2C email marketing?
Are SPF, DKIM, and DMARC records necessary for transactional email servers not used for marketing?
Do small email senders need their own SPF/DKIM records or can they rely on their ESP?
How do SPF, DKIM, and DMARC affect email deliverability with Cvent?
Should DMARC checks focus on SPF HELO or Return-Path and should you focus on DKIM or SPF?
Do all email service providers support DMARC, and what does 'support' mean in this context?
How do I properly set up SPF and DKIM records for email marketing, including handling multiple SPF records, IP ranges, bounce capturing, and Google Postmaster Tools verification?
How do SPF records and DKIM keys work with multiple email services like Klaviyo and Shopify?
What are SPF, DKIM, and DMARC, and when are they needed?
