Email Domain Authentication and Email Deliverability
Proper domain authentication is essential to ensure your outbound emails are delivered reliably, avoid being flagged as spam, and protect against spoofing and phishing attempts.
SMTP Relay Service Recommended
There are many SMTP relay service providers, such as SMTP2GO, MailerSend, SendPulse, Mailgun, and others --that can improve deliverability, reliability, and visibility of your outbound email. These services are generally straightforward to configure and integrate.
Many providers also offer free service tiers, which are typically sufficient to handle the outbound volume required for most businesses.
For our organization, we have selected SMTP2GO as our SMTP relay service provider.
▪High Deliverability - Emails are routed through a globally distributed network with good reputation, reducing the chance of landing in spam.
▪Security & Compliance - Supports TLS encryption, DKIM, SPF, and DMARC for authenticated, secure email delivery.
▪Detailed Analytics - Provides real-time dashboards, logs, and alerts so you can track delivery, bounces, and engagement.
▪Support & Ease of Setup - Simple setup and responsive support available.
▪Secure Sign In - Create a special SMTP user and password for sign in, avoiding the need to involve personal email addresses and passwords.
Setting up an SMTP Relay Service
General Guidelines
The DBA Email Client uses SMTP to send output messages. To improve deliverability and security, you must configure both your domain and your server correctly. The following sections provide general guidelines. For detailed steps, consult your email service provider and domain registrar.
DNS Configuration
When sending email, your domain's DNS records must:
▪Communicate to receiving servers that you own the sending domain.
▪Verify that your outbound server is authorized to send email on behalf of that domain
Domain Authentication Records
SPF (Sender Policy Framework)
▪SPF records allow you to list all IP addresses authorized to send email for your domain
▪Create a TXT in your DNS configuration with the SPF defailts provided by your email service
DKIM (DomainKeys Identified Mail)
▪DKIM uses encryption to sign and verify email content
▪Add a TXT record to your DNS with the DKIM key supplier by your provider
▪Together with SPF, DKIM significantly improves trust and deliverability
Safelist your Server IP
▪Install and run DBA on a server with a static IP to ensure reliable identification
▪If your email service provider supports IP safelisting, add your server's public IP address.
▪This ensures that all emails from that IP are validated against your provider's policy
Create a SMTP User ID if possible
Most SMTP relay service providers allow you to create a special SMTP User ID and password that does not require an email address
▪This allows you to bypass using a personal email address and password in your stored SMTP settings.
▪Email services that require OAuth login procedures should use a SMTP service provider and SMTP User ID instead
TLS Encryption
▪Use TLS encryption to secure email transmission.
▪Configure your SMTP settings to use a port that supports TLS.
▪Port 587 (with TLS) is recommended for most providers.
Troubleshooting and Logging
Activate Email Logging
▪To test or troubleshoot your email configuration, enable email logging in DBA
▪Logging provides detailed records of each send attempt, which can be invaluable for diagnosing issues with new settings or authentication errors.
▪See the following KB article for step-by-step instructions
Online Help - Activating Email Logging
.
