SPF and DKIM are essential email authentication protocols that help protect against spam, phishing, and spoofing.

• SPF (Sender Policy Framework) verifies that emails sent from your domain come from authorized mail servers.

• DKIM (DomainKeys Identified Mail) ensures that emails are sent from legitimate servers and remain unaltered in transit.

Both SPF and DKIM require adding TXT records in your domain's DNS settings.

Note: Only users with Administrator permissions can configure these settings in Zoho Thrive.

SPF helps receiving mail servers verify whether an email is genuinely sent from your domain. Here's how it works:

1. Creating an SPF Record: As the domain administrator, you define a policy listing the mail servers authorized to send emails on your behalf. This is the SPF record.

2. DNS Lookup: When an email is received, the mail server checks the DNS for your domain's SPF record and verifies if the sending server's IP address matches the authorized list.

3. Outcome: Based on your SPF record, the mail server will decide whether to deliver, flag, or reject the email. This prevents unauthorized senders from using your domain.

How DKIM works

DKIM ensures that your emails are verifiable by recipients using cryptographic authentication.

1. Publishing a Public Key: The domain administrator adds a public key as a TXT record in the domain’s DNS settings.

2. Signing Emails: When an email is sent, the outbound mail server generates a unique digital signature in the email headers. This includes hashes of the email body and certain headers.

3. Validation: When the recipient's mail server receives the email, it checks the DKIM signature. If the signature matches the public key stored in your DNS, the email is verified as genuine and unaltered.  

Steps to authenticate your email domain in Zoho Thrive  

Step 1: Add a 'From' email address  

1. Navigate to Settings > Sender Details and select Emails.

2. Click +Add New in the top-right corner.

3. Enter the sender name and email address, then click Add.
   

4. Hit Click to verify to confirm the email address before proceeding to the next step.

1. Go to Settings > Sender Details and select DKIM.

2. Find the domain associated with your "From" email and click Validate.
   

​

3. In the DKIM Authentication window, click copy icon next to the text records.

1. Log in to your domain hosting provider (e.g., GoDaddy, Cloudflare, Bluehost).

2. Access the DNS Settings and create a new TXT record.

3. Paste the copied SPF and DKIM values from Zoho Thrive.

4. Click Publish to save the changes.

Note: DNS updates typically take 24-48 hours to propagate.

Step 4: Verify your domain  

1. Return to Zoho Thrive > DKIM settings.

2. Click Validate next to the domain where SPF and DKIM records were published.

3. In the DKIM authentication window, click Validate Records.

4. If successful, the domain status will change to Verified.

Note: Zoho Thrive automatically checks for DKIM TXT records every two days to ensure they remain valid.

 For any queries, please reach out to support@zohothrive.com.