Protecting your emails from spam filters

When using external email addresses from Kayako, there are several steps you can take to ensure that your messages don't get caught in your customers' spam filters. We strongly recommend setting up two authentication tools on your email server to ensure that your emails are delivered successfully: SPF and DKIM. Below, we'll walk you through how to add and configure each one.

Adding SPF protection

SPF (Sender Policy Framework) is an anti-spam technique used by some modern email services to ensure the email they are receiving is really coming from your email server. To enable it, you'll need to add an entry or two to your domain's DNS (Domain Name Service) records. This will tell your customers' email servers that the emails they're getting are legit. The specific steps to set up SPF will vary depending on your host, but we'll go through the overall process, below.

NOTE: You'll need to have administrative access to your email server to enable SPF.

To enable SPF protection:

1. Sign in to the DNS provider for your domain.
2. Open your DNS records for editing.
3. We'll need to add Kayako to the list of approved senders, which we'll do one of two ways, depending on your needs:
   1. If you're only going to be using this email address via Kayako, then add a new TXT record that says:
      

      [yourcompany].com. IN TXT "v=spf1 mx include:email1.kayako.com ~all"

      NOTE: You'll need to replace the '[yourcompany]' with your domain name.

   2. If you're you're going to be using this email address to send mail outside of Kayako, add a new TXT record that says:
      

      [yourcompany].com. IN TXT "v=spf1 mx ip4:[IP address] 
      include:email1.kayako.com ~all"

      NOTE: You'll need to replace the '[yourcompany]' with your domain name and '[IP address]' with the IP address for your mail server.
4. Save your changes.
5. After updating your DNS records, it may take up to 24 hours for your changes to take effect. Once they have, you SPF will be enabled.

Enabling DKIM authentication

DomainKeys Identified Mail (DKIM) is an authentication mechanism to help protect both email receivers and email senders from forged and phishing email. For any address at your default Kayako domain, all you'll need to do is click a checkbox to enable DKIM. If you want to enable it for a custom domain, you'll need to add a couple of CNAME entries to your DNS records first. We'll walk you through it below.

NOTE: You'll need to have administrative access to your DNS provider to enable DKIM.

To enable DKIM for your Kayako emails:

1. If you're adding DKIM for a custom domain, you'll start by signing in to your domain's DNS provider.
   NOTE: For help enabling DKIM for your default Kayako domain, skip down to step 5.
2. Go to your DNS records.
3. Add three new CNAME records that read as follows:    
   • email.[YOURDOMAINNAME].com, pointing to email.kayako.com
   • s1._domainkey.[YOURDOMAINNAME].com, pointing to s1._domainkey.kayako.com
   • s2._domainkey.[YOURDOMAINNAME].com, pointing to s2._domainkey.kayako.com
     NOTE: You'll need to replace '[YOURDOMAINNAME]' with your custom domain.
4. From here, we recommend you wait 24 hours, to allow your updated DNS records to propagate. If you enable DKIM in Kayako before the changes have gone into effect, your emails may not send correctly.
5. Once your changes have taken effect, sign in to Kayako and go to the admin area.
6. Click Email on the sidebar and switch to the 'Settings' tab.
7. Check the Use DKIM to authenticate box.
8. Click the Save button to enable DKIM.