Protection with DKIM, SPF and DMARC Print

  • 0

DKIM (DomainKeys Identified Mail) is a method that allows you to associate the identity of a domain name with the message being sent, as well as verify the identity of the domain name associated with the incoming message using cryptographic authentication.
SPF (Sender Policy Framework) is a method used to prevent email from spoofing, that is, using a fake sender address. It allows you to verify that incoming mail from a specific domain comes from a host authorized by the administrator of that domain. In addition, Plesk uses SRS (Sender Rewriting Scheme) to ensure that redirected messages can pass SPF check.
DMARC (Domain-based Message Authentication, Reporting and Conformance) is a technology that extends the capabilities of SPF and DKIM methods. A DMARC policy determines what the recipient should do with email messages based on the results of DKIM and SPF verification.
To enable DKIM outbound message signing for a specific domain:

Open the corresponding subscription.
Go to the Mail tab > Mail Settings.
Select a domain and click Enable/Disable Services.
Select Enable for the DKIM anti-spam option for signing outgoing messages and click OK.
Note: DNS service must be enabled on the domain.

After activating DKIM on a domain, Plesk adds the following two records to the domain's DNS zone:

default._domainkey.<example.com> - Contains the public part of the generated key.
_ domainkey.<example.com> - Contains the DKIM policy.
To enable DMARC checking for incoming mail:

Go to Tools & Settings > Mail Server Settings (in the Mail section). This will open a screen with global mail settings on the Settings tab.
In the DMARC section, check the Enable DMARC check for incoming mail. On a Linux server, this option is only available when DKIM and SPF are enabled for incoming mail.


Was this answer helpful?

« Back