Timestamps:
00:00 – Intro
02:31 – Setup “Compliant” DMARC Record
09:24 – Setup “Fully Protected” DMARC Record (optional)
13:46 – Website to check if DMARC is good
14:26 – Setup SPF Record
19:50 – Setup DKIM Records
21:15 – DKIM For Getresponse
23:49 – DKIM For Aweber
26:21 – Recap and testing things
Transcript to Video:
What's going on? Mike Hobbs here, and in this video I'm going to go step by step on setting up your DMARC record, your SPF record, and your DKIM records, so that your emails hit the inbox instead of the spam box. Because with the recent updates from Gmail and Yahoo, Basically, if you don't do these things, you're going straight to spam or your emails will actually not even be delivered.
So this video I'm going to be walking you step by step on how to do it in the simplest way that I possibly can make it because I understand that this is above a lot of people's heads this can be very confusing and there's a lot of information out there too, all over, scattered all over the place.
And so what's the right way? What's the wrong way? this training right here is going to be complete and you don't have to follow any other training to get this done.
Before we get actually into the first step, I'm going to have a guide that looks like this. This is just going to be a Google doc that you can download and follow along with. And below the video, you'll be able to click on a link and download this guide and follow along step by step.
https://SeekProsperity.com/setup
So that way it makes it even easier. And if you're on YouTube, You'll have to enter your name and email to download this guide. Make sure you put a valid email in order to get it. I don't spam this list. I literally just send value to my list and give offers that I believe are valuable to you. So if you go here and you download this guide, just know I'm here to help you in your internet marketing journey and even help you earn a little extra money on the side.
So with that, let's get into the first step. So there's three records that are required to set up, and I'm going to be taking you through the DMARC first. And the reason I want to take you in this order, DMARC, then SPF, and then DKIM, is because the DMARC actually is universal. You could use this same one for any platform you're using.
So whether you're using Aweber, GetResponse any of the other big autoresponder companies, the DMARC record is actually the same for all of them, so we're going to do that, and then The SPF and the DKIM, those are platform specific, so you have to actually have a certain one for those.
But again, the DMARC is universal for everything, so let's do that first, and so we're going to take this in steps. So the very first thing is We're going to put a DMARC record. And so whether you have your GoDaddy, Namecheap we have a reseller account through hbadomains.
com. If you want to check that out, you can get a pretty good deal here at HBA domains. We actually made the price only 12. 99 per year. A lot of these other domain platforms, they will give you a good price the first year and then jack it up to 20 bucks the second year.
So we don't do that with HPE domains, but regardless of where you have this, this will work. We just need to make sure we add this first record. So first step, log in to wherever you bought your domain. Okay, we're not talking about email right now. We're just talking about the actual domain. So I have mine in hbadomains.
com, which looks similar to GoDaddy because we're a reseller of GoDaddy. So with that, you're logged in. Now we need to add A text record. So the type is a text record. Again, you could follow along with the guide below and then you can just do this. This is the host name or the name. And then this is the value.
And one of the things I wanted to do in this training is explain what these mean. Because some people will just copy and paste their DMARC record and think that they're protected, when in reality, you're not, okay? Here is what the DMARC record looks like, and the things marked in red are things that can be changed.
Okay? But technically, the only thing that needs to be changed here To be compliant is the email here. You just put the email you want these reports sent to, if it fails or passes, that's it. You could literally change this email right here to your email and you're good to go and you don't have to do anything else.
You could just copy and paste the rest of the code and your DMARC is done. That's how easy the DMARC is, but that gives you zero protection. It makes you compliant With Gmail and Yahoo, but zero protection and I'll explain that here as we go through this. So let's first make you compliant.
Okay, so what you need to do is you either need to copy this code. Okay, just like it is and change out these two email addresses right here and then put this record on your domain. Or there's a pretty cool place that says an easy place to generate this code without any mistakes. I'm gonna have everybody use this for the sake of this video.
But again, you can copy and paste this and you can throw it over in a notepad or something like that. And then just change things out. That's one option as well. Okay? So, I'm gonna go ahead and click on this link here. Now, keep in mind, this takes you to EasyDMark.
Do not buy their services. Their services, all they do is monitor your reports and tell you if something's up or something's wrong. You don't need to pay for that. You just need to generate the DMARC record. That's it. Period. Don't even log in to their service. Don't sign up for it. Okay. You're literally, I'm just using this as a tool.
Okay. So the domain that we're going to be doing this on for me is I have one called Freedom Shortcut. So you just log into your GoDaddy account or wherever you're at, find your domain and find the DNS area. Okay. So in this one, I just clicked on my products. It loaded up this page. I scroll down and I find my domain and I click DNS.
That's literally how I find. My DNS records. Okay. And so now that I'm in here, I'm going to copy and paste this into that site here. So I'm going to put my domain just right there. We're going to leave everything on none for now. I'm going to put my email address, so you should have set up an email address up to this point.
You, this could be your Gmail address if you would like, but if you created an email on that domain, you'd put that right here. Okay. So we'll just do that. Now the subdomain policy, that's the same. So I just clicked none there. So we'll leave it on none, none SPF. We'll just leave it on the dashes, and then we'll leave this on the dash.
This is once per day, the reporting interval, this applies to all emails being sent out, and then we'll put the email in again right here. And then this will just send you a report if something failed either on the DKIM or SPF record. Okay. So that is how simple it is to generate the code without any mistakes.
And if I click generate, you will see it gives me the code that I already gave you. Okay. But it has zero mistakes and it has your email in there. Automatically. And so I could just click copy on this record and be good to go. Now this makes you compliant. So let's do that first. Let's just put this record on your domain to make you compliant.
So let's go over to our DNS. And all we're gonna do, if you already have a DMARC record in here, you're gonna want to edit it. If you don't, and the way that you know is if you see anything in here that says underscore DMARC. Okay? So I'm gonna go through all my records and just see if I already have one.
And I don't. So I don't have a record on this domain yet, and most of you will not. Okay, if you did, you'd be complaining already. Okay, so we're gonna go ahead and click add new record and then we're gonna choose TXT. Okay, so TXT and then this one is underscore D mark. D M A R C. So the name underscore D mark.
And again, I have that right here on the guide. You'll see right there, name, underscore, DMARC. Okay, so I'm making this simple for you. And then this one, the value, that's where we copy this code that EasyDMARC gave us, generated. We're just going to go ahead and click on copy, so no mistakes are made. And then we'll go over here and we'll put the value, paste it, leave everything else alone.
Everything that's default, just leave everything else alone. And click save. Okay? And now you have a compliant DMARC record right now. So you are 100 percent compliant with Google, Yahoo, you're ready to go. But, like I said before, you're actually not protected. Someone could still use your domain. Without your permission and send emails on your behalf and still get away with it And the reason I say that is because right here where it says P equals none So let's go back over to here this where it says P equals none.
Let me show you right here This is what that means P equals none means no action will be taken so if someone uses your domain on your behalf and hijacks your email and sends email to someone from your email address. You have this in your record, so you're compliant and your emails will go to the inbox.
But so will their emails. Okay, the person hijacking you, their emails will also get to someone's inbox using your domain name. So this actually gives you zero protection using the none. So we always recommend starting with none just to be compliant, but then maybe upping it to quarantine. Suspicious emails will be set aside, or marked as spam.
Or, Even reject because then this will be completely blocked. So if someone is sending an email that from your domain name, from a service you are not using, so let's say you're using get response and they're sending an email from a Weber. Then it will just be completely blocked. so that is what reject is, and then quarantine, it'll send it to spam.
This is usually the next level up that you should at least go to if you want any protection. Now, if you just want to be compliant, move on to the next step. Okay, but if you want to actually be protected, then here's how you would do that. You would A change out the none So this none here and this none here to quarantine or reject.
Okay, and then this little n here and this little n here. I would change that, I would change that to r, which is relaxed, which means the SPF or DKIM has to at least, one of them has to at least, So that's going to give you the greatest protection.
And I don't know of any trainer who's teaching you this. Everyone out there is literally just telling you to be compliant. They're not teaching you what these other things mean. And so if you want full protection, you're going to put. The none to reject, this none to reject, this end to R, and this end to R.
Okay? And so that's how I would set it up if you want full compliance. And how you would do that is you can actually go back to this right here. And I'll show you that. So you can change it to reject. Okay? Then you can change this to reject. And then this one to R, and this one to R. And that's how I remember it.
Everything starts with an R. Okay? That's full protection. is reject, reject, relaxed, relaxed. You only want it relaxed by the way, cause some services don't use SPF records anymore. So you want to make sure that this is set to relaxed cause you don't know which service has SPF or not. So I would definitely make these relaxed and that's it.
And then just regenerate the code. And there you go. And then you'll copy this code and then just replace the one that you just did. So let's go ahead and click on edit here. And we will delete everything out of there and place in the one that gives you full protection. Okay, so that is how you get full protection.
Literally, you are the only one that can use your domain. Nobody else can use it at this point. If someone else tries to spoof you, you are protected. Okay. So anyway, that's DMARC. That's everything that you need to know about DMARC. And that's why I like to use. This tool to make sure we don't make any mistakes when we're generating the record But again, if for whatever reason this tool doesn't exist anymore when you're watching this training Then this is the exact record you need you just replace the things in red Okay.
Now to check if your D mark is set up There is a cool website here that in the guide you can click on it And let's just go check and see if this is if it's all set up So I'm gonna go copy and paste my domain into this website just to double check everything is good. And I'm going to click inspect domain, and I'm going to click accept, and then it says that.
Great job, your demark is visible. So as you can see, it went pretty quickly, and now you know your job is good. So your record, DMARC record is done. You are now compliant with Gmail and Yahoo and you're off to the races. Okay. So step two, this is your SPF record. Okay. Now this is platform specific.
So what I would recommend you do is either go directly to your platform that you're using. So Aweber, GetResponse, all these different places and find out what their SPF record is, and then. Let them give it to you via their support, and then that's when you would put it in here. But I've made it easier on the ones that I've actually know about.
I'm gonna make this a lot simpler for you. So this is what the record looks like. It's another text record. This time it's on your root domain. That's all this means is this means your root domain, and then this is what the value looks like. So basically, whatever platform you are using, that's the only thing that you need to change.
So I'll show you some examples. So right here, if you're using Aweber, this is what it would look like right here in the red spot. If you're using GetResponse, then this is what it would look like in that red spot. Etc. There's a whole bunch of other ones here that you can look at. But, and this is what it would look like If you only had one platform that you're using, so it would just look like this basically has include get response in there.
This is what the SPF record should look like, because just keep in mind, you can only have one of each of these records. You can only have one DMARC record. You can only have one SPF record. So for example, if I were using Aweber, GetResponse and Zendesk.
which is like a support email platform. This is what the record would look like. As you can see, it has the get response, it has the Aweber one, and it has the Zendesk one in it. So this is what I would use if I was using three platforms to bulk email. If I was only using one platform to bulk email, this is the one.
That I would use so if I was only using get response, that's what it would look like. And so you need to go back into your DNS and just make sure you don't already have one. So if you already have an SPF record, so you can look through here and just look for some ways to look for it is just look for this little SPF one right there in here.
And if you don't have one already. So you just look for it and it looks like I do not have one here. Then you add one. If you already have one, you edit it or delete it and then start over. Okay. So I'm going to go ahead and add the record cause I don't see it here and I'm just going to add this record.
And I'm going to add as if I was just using a get response. So I'm just going to copy this again. I'm making this easy for you because I have the code right below this in this guide. Okay. So we're just going to copy and paste this. So remember this is your root domain. This is text record. So root domain is just the at symbol.
Some providers. Make you put your actual root domain here. So if the app does not work, then you would just put your, whatever your domain is right here. Okay. Both of them should work. And then the value is right here. So I'm using get response for this example. So we're going to go ahead and click save.
And now I if get response was the only platform I'm using. This record is good to go. Okay, but because I'm using multiple platforms This is what I would do. I would find the SPF record and it says, okay, there it is right there SPF 1 And so I'm gonna go ahead and edit this and I'm gonna add every platform that I'm currently using So I actually use Zendesk.
So I'm gonna add that one. So I'm gonna come in here I'm gonna copy this one and I'm gonna go in here and I'm gonna go right to where the squiggly line all is Paste this in and do a space and I'm gonna go grab another one that I'm using. So let's say I'm using Aweber, so I'm gonna grab Aweber's and again, I'm gonna go to the very end Maybe do space and then paste it in and let's just say I'm using one more.
So let's say I'm using ActiveCampaign, so I'm gonna copy that one and I'm gonna go back here And go to the end, paste it in, do another space and click save. And so now I just put all the different platforms that I'm currently using. So wherever you're sending emails from, you need to make sure you put that in there.
Now, if you ever add another platform that you're using, you would just come to the same record, edit it and add that platform to the SPF record. That's how simple that is. I've made it really simple for you. You could literally just copy and paste this record here and add the different ones that you have available.
Like for example, this is what it'll look like if you have multiple. And just add all the ones that you're currently sending emails from and you will be good to go. So that is the SPF record. This is what it looks like when we're all done. And now the last piece, and I'm excited for you because this is means you're pretty much done, is your DKIM records.
Now another word for this, they call this is authentication. So you're just telling whatever platform you're using you're just authenticating that you are the owner of this, Email address. Okay, and that you're the only one that has permission. For example, if someone else has a get response account and you have a get response account, they can technically still email on your behalf because you put this SPF record as get response.
So you gave anyone with a get response account permission to use your domain. But what this authentication does. is it makes sure that you are the only account that can use this email address. Okay? So that is what we want to set up here. Now this one is going to be platform specific. So whatever their instructions to do, and sometimes they'll tell you to do a text record, and sometimes they'll tell you to do a CNAME record.
And I'll show you both examples. Okay. I use get response in a Weber. So I'm going to use those two examples in today's video, but you can do this and follow the instructions on any platform. You're currently in and just follow their on screen instructions.
So let's go over to get response real quick and how I found this email addresses area is I logged into my get response account. I clicked on tools and then I clicked on emails and domains. Okay, and so this took me to this screen, and as you can see, my main domain is already authenticated, but the Freedom Shortcut one is not.
Okay, so what you will do is you'll just add an email address right here. Whatever one you set up when you first started this whole process, you'll add your custom email address that's on your domain name. You'll add that, you'll have to confirm the email, and then it'll be added to your account. And now we're at this point where we need to authenticate it.
Okay, so what I'm going to do is I'm going to click on update DNS record. Now, it's going to give me two different records. Now, remember, we have already done the DMARC. Okay, so we do not need to do this again, okay? So this record is done. The DMARC record is all done. What you need to do is you need to add the DKIM, because that's the step that we're on.
They're going to give you just a plain Jane one that you don't want to use when you first come in here. So we're just going to do DKIM and then everything will be done, okay? So what you have to do is just follow their instructions. So it says create a text record. Okay. So we're going to go do that.
We're going to go over here. We're going to click add new record. Now we're going to choose text. And then what we're going to do is we're going to copy this first one. So DKM identifier, we're going to copy that first one. We're going to put that in the name field. Okay. Now the value field, we're going to copy the second record right here, the key.
So we're going to copy that. And then we're going to go over here. Paste it in. And then we're just going to leave everything else the same and just click on save. Okay. Now remember we've already added the DMARC record. So we are literally done with that.
We don't have to do anything with that. We already added the SPF record. We're already done with that. We just added the DKIM. And sometimes it takes a little bit longer to authenticate. As you can see, the DMARC record is already added. So that's good. But this one has not been authenticated yet. So we're going to just let it sit for a few minutes and see how long it takes.
But while we're at it, let's go do Aweber real quick. So Aweber is a whole different platform. So I'm going to come in here and to find it in Aweber, all you do is you click on your name in the bottom left corner and you click on my account and then you click on domains and addresses. Okay. And now that we're in here, you'll see it also says unauthenticated.
Okay. So what we need to do is we just need to click either fix issue, or if you wanted to click on, I'll just show you another spot. You can click on this little gear, set up instructions. So fix issue or set up instructions that'll take you to the same spot. Now as you can see. This one is not a text record.
This one says CNAME records. So we're adding three CNAME records. So this is why I said this is platform specific. And again, you can use multiple platforms. But you have to follow the instructions that your platform tells you to do. And so if I added these as text records, it would not work. So I need to make sure I'm looking at the screen.
And following the instructions, as you can see the D marks already done. Pretty cool. Right? So we don't have to do that because it's already, it says it's installed because again, we did that first. So anyway, so we're going to go ahead and add these three C name records to our DNS. So I'm going to come back over to my DNS.
I'm going to click on add new record this time, instead of text record, I'm going to do C name, cause that's what a Weber told me to do. I'm going to copy this host name. We're going to put that here. Then I'm going to copy this value, and I'm going to put that here, and then just click save. One done. Next one.
We're going to click add record. Again, CNAME record. We're going to grab the second one and paste it, and we're going to grab the second one on the value, and then we're going to paste it, and then save. Now the third one. We're going to grab the, this one. And we're going to click again, CNAME record, paste the third one.
And then the third one here. Again, this is just the same process, just for the different records. CNAME first value and save. And so now I have all the records I need on this domain. We have added the three CNAMEs for AWeber. We have added the SPF record that includes AWeber and GetResponse. And we've added the domain.
Authentication for getResponse, and we've added the demark, okay? So literally everything is done now, or it's just a waiting game. So the way that I do it is I usually just refresh the page, and it's usually pretty quick on the authentication, but sometimes it could take a few hours
But it could take up to 24 hours to be Complete so I would not email support. I wouldn't go crazy until you have Made sure that you have waited the proper amount of time But it could take up to 24 hours for everything to propagate But I'm gonna go ahead and click refresh status and as you can see a Weber's already done.
Okay, so a Weber's already done GetResponse is not quite finished,
and that is literally how it is. And if you have any other questions about why you need to do all this, I actually included Some Q and a at the bottom of this guide. And basically the DMARC is essentially just enhancing email security. It's protecting your brand. It's improving email deliverability.
In fact, this is why I wanted to do this video primarily is to explain that if you use the none, You are compliant, but it will most likely not improve your email deliverability because Gmail still sees that. Someone could spoof your email. Someone could hijack your email. So they're not going to give you optimal delivery.
But someone with reject is probably going to get the most amount of delivery because they know, without a shadow of a doubt, that this is coming from you. And you were rejecting everybody else. So that is how that works. Again, you can read through some of this other stuff. These are some different definitions of things if you would like, but just know that's how simple it is. It's not that complicated. As long as you follow this step by step, you set up these three records, you will be golden.
All right. So let's go check, get response one more time. We'll just refresh the page. All right. It looks like we are. So as you can see, Green means good. Okay, so when it says authenticated you are good to go So that's all you need to do and sometimes this will go back from orange to green. That's just how DNS records work, but after about 24 to 48 hours, it'll be perfectly authenticated.
Everything good. Hope you got value from this video.
If you have questions or you need help with anything related to this and I'm happy to answer them, make it a great day and I'll see you in the next video.
For more marketing resources visit: https://SeekProsperity.com/links
~Mike Hobbs