All Collections
Deliverability
Does your email end up in spam? Add DKIM and SPF to your domain.
Does your email end up in spam? Add DKIM and SPF to your domain.
Emma avatar
Written by Emma
Updated over a week ago

It is very common for spam emails to claim to be from one place, when in fact sent from completely different mail servers. The same behaviour is what happens when your sender email address is sending mail through our mail servers.

Receiving mail servers want to make sure that it is you who is sending the email. If the servers are unsure, they can mark the email as spam or display a warning message.To reduce the risk of being perceived negatively by a spam filter, it is possible to add DNS records on the domain used by the sender address. It works as a confirmation on the domain that the mail that are sent through our mail servers are not “fishy” in any way.

To do that you need to go into the DNS-settings, also called name server settings, of your domain and add DNS records.

We will guide you through the steps for each setting. Step one is to make sure that you, someone in your team or the support of your web host has access to the DNS settings of your domain.

Step 1: Find out who is managing your domain / name servers

If your domain ends with ".se" or ".nu"

2. Enter your domain name and click on the magnifying glass

3. Scroll down to “nserver”. There you can see exactly where you need to go to add the correct settings.

If your domain ends with ".com" or something else

1. Go to www.who.is

2. Enter your domain name and click on the magnifying glass

3. Scroll down to “nserver”. There you can see exactly where you need to go to add the correct settings.

Once you know where your domain is managed, you can either choose to contact the support of your web host and ask them to help you add SPF, DKIM & Sender ID according to the instructions below or log in to the control panel of your web host and add it yourself under the domain's DNS settings.

Step 2: Add DKIM records


What is DKIM?

DKIM stands for Domain Keys Identified Mail, and is a verification that helps the receiving server to verify that the email was actually sent from the domain that is the sender. It works as a digital signature that confirms that it's really you who sent the email and that no one has changed the email since you sent it.

You could say that DKIM is like that silver thread or water mark on banknotes, which proves that it is genuine.

How to add DKIM record

The DKIM setting is made in the DNS settings of your domain and should be entered as a subdomain. The exact order and approach to to this may look different for different web hosts but the information that needs to be added in the different fields is:

Subdomain:gan1._domainkey
Typ:CNAME
Data:gan1._domainkey.gansend.com
Subdomain:gan2._domainkey
Typ:CNAME
Data:gan2._domainkey.gansend.com
Subdomain:gan
Typ:CNAME
Data: mta.gansend.com

The rest of the fields can be left as they are.

Check that DKIM is entered correctly

One hour after you have added DNS records, you can follow the steps below to confirm that the settings are correct:

  1. Log in to the account

  2. Click in the profil icon> "Sender"

  3. Click on “View Details

  4. Click on “Check status

If I have already set up a CNAME why do I have to change?

Why you should add the new CNAME:s is similar to why you should change your passwords periodically: it's a security measure that helps prevent attackers from impersonating your domain and sending spam or phishing emails.

The settings we asked you to add before are:

Subdomain: getanewsletter._domainkey

Type: CNAME

Data: key1._domainkey.gansend.com

To see the new values - see “Step 2: Add DKIM records”

Why should I not add a SPF record?

If you've read this article before or other deliverability articles, most of them say you need both SPF and DKIM. What we have previously asked you to add to your SPF record is:

include:spf.gansend.com

You still need SPF records for deliverability, but as of 2023-01-26, we have changed the setup so that you do not need to add us to your SPF record.

The short answer to why we no longer ask you to add us to your SPF record is that when you put in DKIM and a subdomain, you get the SPF for free.

The longer answer, and slightly more technical, is that when receiving servers receive an email, they examine the identity of the sender. To identify who the sender is, they look at the domains included in the background (email header) and their settings (SPF and DKIM).

For example, when you send a regular email, you can see in the email header:

Return-Path: <user@domain.com>

From: User Name <user@domain.com>

When you use a service to send out newsletters, regardless of which one, the Return-Path and From email addresses usually look different. The email address for Return-path is different because it collects bounces, which newsletter services want to handle. Therefore, it will look like this when you send it with a newsletter service:

From: User Name <user@domain.com>

Receiving servers check SPF records against the domain that is in the Return-Path. And since it is our domain, when you send a newsletter, the SPF record for your domain won't help. And this is the part where it gets a little more complicated.

Receiving servers want the domain of the Return-Path and From email addresses to match. Newsletter services need to collect and manage bounces - the solution?

When you set up a subdomain, the domains for return-path and from will match, while we can collect the bounces and manage the SPF record. In the end, it will look something like this when you send emails if you set up a subdomain.

From: User Name <user@dindomän.se>

Did this answer your question?