Wednesday, September 3, 2014

eMail Compliance and General Guidelines

Domain Authentication


Sender Policy Framework - SPF

The Sender Policy Framework (SPF) is an open standard specifying a technical method to prevent sender address forgery. More precisely, the current version of SPF — called SPFv1 or SPF Classic — protects the envelope sender address, which is used for the delivery of messages. See the box on the right for a quick explanation of the different types of sender addresses in e-mails.

Create an SPF record and add it as a TXT record in DNS at the domain root.

Obtain the IP addresses of all the email servers that will be used to send email. To help create the TXT record for your domain, use the Microsoft Sender Policy Framework Wizard and paste the resulting record into your DNS record.

Use Kitterman's SPF Verification Tool to test your SPF Record. 

Sender Policy Framework Open Project - For Detailed Information on SPF Syntax and Implementation

DomainKeys Identified Mail - DKIM

DKIM attaches a new domain name identifier to a message and uses cryptographic techniques to validate authorization for its presence. The identifier is independent of any other identifier in the message, such as the author's From: field. (DKIM.org FAQs)

Create your DKIM key within your email provider, such as MailEnable or Exchange.

Create the DKIM _domainkey subdomain.

Add your TXT "selector" to the subdomain in your DNS namespace (e.g. selector._domainkey.mydomain) and paste in the DKIM key.


Domain-based Message Authentication, Reporting and Conformance - DMARC

DMARC, which stands for "Domain-based Message Authentication, Reporting & Conformance", is a technical specification created by a group of organizations that want to help reduce the potential for email-based abuse by solving a couple of long-standing operational, deployment, and reporting issues related to email authentication protocols.

Make sure you set up your postmaster@mydomain.com and abuse@mydomain.com addresses.

Test and verify that your SPF is set up correctly.

DMARC policies are published in the DNS as text (TXT) resource records (RR) and announce what an email receiver should do with non-aligned mail it receives.

Set up a DMARC TXT RR for the domain "sender.mydomain.com" that reads:
"v=DMARC1;p=reject;pct=100;rua=mailto:postmaster@mydomain.com"
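
A way to check the SPF and DMARC TXT values from the steps above before publishing them, added here as an example and not taken from any of the tools or projects this page names. The function names, the org_domain parameter and the SPF sample value are assumptions made for illustration; the limits checked come from RFC 7208 (SPF) and RFC 7489 (DMARC), and receivers look the DMARC record up at the _dmarc label under the domain.

```python
# Added example: offline lint for SPF/DMARC TXT values. SPF sample is constructed.
import re
# SPF terms that each cost a DNS lookup; RFC 7208 allows at most 10 per check.
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}

def lint_spf(txt_records):
    """Lint every TXT string at the domain root; returns a list of problems."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:
        return [f"expected exactly one v=spf1 record, found {len(spf)}"]
    terms = spf[0].split()[1:]
    # Strip the qualifier (+ - ~ ?) and any argument to get the bare term name.
    names = [re.split(r"[:=/]", t.lstrip("+-~?"), maxsplit=1)[0].lower() for t in terms]
    problems = []
    lookups = sum(n in LOOKUP_TERMS for n in names)
    if lookups > 10:
        problems.append(f"{lookups} DNS-lookup terms, limit is 10")
    if "all" not in names and "redirect" not in names:
        problems.append("no 'all' or redirect: unlisted senders get a neutral result")
    if any(t.lower() in ("all", "+all") for t in terms):
        problems.append("+all authorizes every host to send as this domain")
    return problems

def lint_dmarc(txt, org_domain):
    """Lint one DMARC TXT value published for a name under org_domain."""
    parts = [p.partition("=") for p in txt.split(";") if p.strip()]
    tags = [(k.strip().lower(), v.strip()) for k, _, v in parts]
    if not tags or tags[0] != ("v", "DMARC1"):
        return ["v=DMARC1 must be the first tag"]
    d, problems = dict(tags), []
    policy = d.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        problems.append("p must be none, quarantine or reject")
    elif policy == "none":
        problems.append("p=none only monitors; failing mail is still delivered")
    pct = d.get("pct", "100")
    if not pct.isdigit() or int(pct) > 100:
        problems.append("pct must be an integer from 0 to 100")
    for uri in filter(None, (u.strip() for u in d.get("rua", "").split(","))):
        host = uri.rpartition("@")[2].split("!")[0].lower()
        if not uri.lower().startswith("mailto:"):
            problems.append(f"rua target {uri} is not a mailto: URI")
        elif host != org_domain and not host.endswith("." + org_domain):
            problems.append(f"{host} must publish a _report._dmarc authorization record")
    return problems

if __name__ == "__main__":
    print(lint_spf(["v=spf1 ip4:192.0.2.10 mx -all"]))
    print(lint_dmarc("v=DMARC1;p=reject;pct=100;rua=mailto:postmaster@mydomain.com", "mydomain.com"))
```

Both calls in the main block print an empty list. A second v=spf1 string at the root, an eleventh include, or a rua address at another organization each produce a finding.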