This is an advanced topic, and it's a good idea to get your IT department involved in setting up your email authentication. See Adding SPF and DomainKeys to Your DNS for instructions.
Pardot allows you to send emails from your actual domain, rather than dummy domains that are typically used by email service providers. We do this by authenticating through the two most commonly accepted standards: Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) The major ISPs and many corporate spam filters check for one or more of these types of authentication when determining whether or not to allow emails to a recipient’s inbox.
Email Authentication Checking by ISP
SPFSPF is a form of email authentication that is designed to make forging the sender of an email, or email spoofing, more difficult. SPF is not explicitly aimed at stopping spammers, but is intended to tighten loopholes used by spammers to spoof emails. SPF works by providing a list of all outbound email sources for a domain as a DNS TXT record.
Anytime a receiving mail server gets a message appearing to be sent from a domain, the receiving mail server can check the supposed sender’s SPF statement to verify that the message originated from one of the sources listed. Implementing an SPF record on your domain is as easy as creating a TXT record in your domain’s DNS provider. It’s particularly important to note that the SPF statement must be a TXT record type, not an SPF record type as the SPF record type is obsolete.
DomainKeysDomainKeys is an email authentication system designed to verify the DNS domain of an e-mail sender and the message integrity.This protocol is largely backed by Yahoo. To implement DomainKeys, add two new TXT records to your DNS. See this article for instructions. We recommend getting your IT department involved. The first record tells mailservers what the general DomainKeys settings are and the second record is your actual key. Each record should be on one line.
What is the difference between DomainKeys and DKIM? What if my company uses DKIM?DomainKeys and DKIM are pretty much the same, DKIM evolved from DomainKeys. DKIM is simply a more advanced form of DomainKeys with additional security features. Pardot uses the majority of the features of DKIM because it is a secure enough authentication schema for email delivery in almost all situations and provides maximum backwards compatibility.
How will this affect our corporate email delivery?DomainKeys will not affect your corporate email delivery.
How many DomainKeys can I have?You can have unlimited DomainKeys on your domain -- they do not interfere with each other.
SPF record FAQs
Will implementing SPF records affect my corporate delivery?If this is implemented correctly, then it won’t affect your corporate email delivery. The most common mistakes that will affect corporate email delivery are forgetting to incorporate corporate mail services in your SPF statement– this includes your corporate mail server, or domain used for corporate mail, and any other outgoing mail services your company uses. Otherwise, messages sent from these servers could bounce or be otherwise quarantined on a client server.
If further assistance is required or if you’d simply like your SPF and DKIM records to be reviewed, and this is within an active Quick Start Onboarding Package, then please reach out to your implementation contact. Otherwise, contact our Support Team (click the Contact Support button on the right).
Not what you're looking for? Check out these other articles:
Adding SPF and DomainKeys To Your DNS
Sending Emails from More than One Domain
Email Terms Glossary