At Reggio Digital, our WordPress hosting includes the ability to send emails through various plugins, whether it’s for membership sign-ups, password resets, or order confirmations. Many plugins allow customization of the “From:” email address, but spoofing this address is a common tactic in phishing and spam. To combat this, email providers employ several layers of authentication:
- SPF (Sender Policy Framework): Defines which mail servers are permitted to send email on behalf of your domain, helping to prevent spoofing.
- DKIM (DomainKeys Identified Mail): Uses digital signatures to verify that the email sender is truly who they claim to be.
- DMARC (Domain-based Message Authentication, Reporting, and Conformance): Builds on SPF and DKIM, providing instructions on how mail servers should handle messages that fail these checks.
Ensuring Email Authentication with Reggio Digital
Reggio Digital provides built-in email authentication for all hosted sites using our transactional email service. This ensures your emails are trusted and delivered efficiently. However, there are certain situations where you may need to manually adjust your DNS records.
What You Need to Know:
- Outgoing emails sent from your primary domain will be automatically signed by Reggio Digital. For example, if your domain is
example.com, emails fromyou@example.comwill be authenticated. - If your domain uses Reggio Digital’s Name Servers, all necessary DNS records are already in place. However, if changes were made, you might need to restore these records.
- If your domain’s DNS is managed elsewhere, you will need to manually add the required DNS records at your DNS provider.
- For sites using an SMTP plugin with a third-party service, Reggio Digital will not manage your site’s transactional email, and these DNS records may not be required.
- When sending from a subdomain, ensure the Host value reflects this (e.g., use
newsfornews.example.com). - If other services handle your email delivery, they may have their own SPF and DKIM records that need to be included alongside Reggio Digital’s.
DKIM
DKIM is crucial for ensuring your emails are not flagged as spam. It verifies that emails sent from your domain are legitimate. Reggio Digital automatically signs transactional emails as long as they are sent from your primary domain.
To ensure proper DKIM configuration, please add the following CNAME records to your DNS:
| Type | Host/Name | Value/Target/Alias To |
|---|---|---|
| CNAME | openhosting1._domainkey | openhosting1._domainkey.wpcloud.com. |
| CNAME | openhosting2._domainkey | openhosting2._domainkey.wpcloud.com. |
SPF
SPF records play a vital role in confirming which servers are allowed to send emails from your domain. While Reggio Digital’s email service generally doesn’t require additional SPF records, your domain may need them if using other email services.
If required, you can add the following SPF record:
| Type | Host/Name | Value |
|---|---|---|
| TXT | @ | v=spf1 include:wpdatacenter.com ~all |
Handling Multiple SPF Records
Remember, you can only have one SPF record per domain. If your domain already has an SPF record, you will need to combine it with Reggio Digital’s. Here’s how:
If your domain has these SPF records:
| Type | Host/Name | Value |
|---|---|---|
| TXT | @ | v=spf1 a mx include:spf.acumbamail.com ~all |
| TXT | @ | v=spf1 include:spf.protection.outlook.com -all |
You can merge them like this:
| Type | Host/Name | Value |
|---|---|---|
| TXT | @ | v=spf1 a mx include:spf.acumbamail.com include:spf.protection.outlook.com include:wpdatacenter.com ~all |
DMARC
Implementing DMARC helps ensure your emails are not only delivered but also protected against spoofing. While more advanced configurations can offer greater security, a basic DMARC setup can still provide essential protections.
If you’re new to DMARC, you can start with this basic configuration:
| Type | Host/Name | Value |
|---|---|---|
| TXT | _dmarc | v=DMARC1; p=none; |
