Configure email security records
There are several DNS mechanisms to prevent others from sending emails on behalf of your domain. These all work as TXT records that need to be added on your domain:
- Sender Policy Framework (SPF): List authorized IP addresses and domains that can send email on behalf of your domain.
- DomainKeys Identified Mail (DKIM): Ensure email authenticity by cryptographically signing emails.
- Domain-based Message Authentication Reporting and Conformance (DMARC): Receive aggregate reports about your email traffic and provide clear instructions for how email receivers should treat non-conforming emails.
Create security records
To set up email security records:
- Log in to the Cloudflare dashboard, and select your account and domain.
- Go to Email > DMARC Management.
- In Email record overview, select View records.
- Use the available options to set up SPF, DKIM, and DMARC records. This page will also list any previous records you might already have in your account.
Edit or delete records
Refer to Manage DNS records for more information.