1000 FAQs, 500 tutorials and explanatory videos. Here, there are only solutions!
Automatically check SPF / DKIM / DMARC
This guide presents the Global security which makes it possible to verify that the relations between a domain name and a Mail Service Infomaniak are optimal in terms of security. This requires a check of the recordings. SPF / DKIM / DMARC and the tool Global security allows to intervene on the configuration in case of need.
Access the global security diagnostic tool
To access Global security :
- Click here in order to access the management of your product on the Manager Infomaniak (Need help?).
- Click directly on the nameallocated to the product concerned.
- Click on Global security in the left side menu:
Check the optimal operation of the mail
Once arrived on Global security, take notice and check the 3 security mechanisms inherent in emails: SPF, DKIM on civil and DMARC These indications must be shown in Green:
If not, This can explain the spam treatment of an e-mail that is not an e-mail.
Click on Edit or Create to configure SPF, DKIM and DMARC according to the following recommendations in order to secure your Mail Service against potential identity usurpations:
SPF (Sender Policy Framework)
SPF (click here to configure) allows the domain name owner to specify which servers are allowed to send emails to the domain name. This helps reduce the risk of spam and phishing since the recipient's mail server can check whether the sender is authorized by consulting the DNS records of the sender domain.
Under these conditions and in case of detected problem you will find a button Correct which will allow you to update your FPS automatically.
If the correction of any of the concerns mentioned is not possible, is that it must be done on the configuration set up by the owner or technician of the domain name of the sender.
If your domain name is up to date with Wix or other provider, the SPF mustbe configured with the supplier in question.
DKIM (Domain Keys Identified Mail)
DKIM (click here to configure) is a protocol that allows you to sign e-mails when sending them.
When your domain name (or DNS area) is managed elsewhere, you will find in this part Global safety > DKIM the DKIM record to be added in the DNS field.
You can configure multiple DKIM records on your domain without limit set unlike DMARC or SPF, which is crucial if you use multiple third-party messaging providers for your daily communications.
DMARC (Domain-based Message Authentication, Reporting, and Conformance)
DMARC (click here to configure) allows to inform other mail servers (e.g. email providers) of the policy to follow when receiving a "suspect" e-mail (not authenticated e.g.) from your mail server (hosted by Infomaniak). In addition you can be warned of the "incident" by a summary message (called "DMARC report") providing information on the recent activity of your domain name email.
The DMARC requires a valid FPS and DKIM. An assistant allows you to configure the DMARC according to Infomaniak recommendations in simple mode or entirely as you wish in expert mode (allows you to enter the recording of your choice). The corresponding necessary entries (type TXT) will then be automatically applied in the DNS area of the domain name concerned (if administratively possible - domain managed in the same organization e.g.).
Infomaniak is not in a position to analyze your possible DMARC reports and records, and in a position to decide on the validity or conformity of these, because this is entirely your responsibility.
To check the records within your DNS, you can also use an external and free service such as the one mentioned at the bottom of your DNS.this other guide.
Be aware of this other guide if you are looking for information on the fourth point of the page Global security.