Imagine you’re sending an important letter to a friend. You write your message, put it in an envelope, and drop it in the mailbox with your address (From Address) and your friend's address (To Address). But what if someone along the way tampers with your letter, changes the contents, or even forges a letter pretending to be you? Your friend might receive a completely different message, or worse, never get it at all.

This is exactly the kind of problem businesses face with email security. Just like traditional letters, emails can be intercepted, modified, or forged. To protect email communication, organizations use two important security measures: DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework).
Zylker Techfix encountered a major issue without these security measures : customers weren’t receiving support emails. Some emails bounced back, while others landed in spam folders. Without DKIM and SPF, email providers couldn’t verify whether Zylker’s emails were genuine or forged.
Understanding DKIM
Like official letters have signatures or company seals to prove authenticity, DKIM (DomainKeys Identified Mail) does the same for emails.
Using email forwarding and two-factor authentication, Zylker Techfix used public domains like Microsoft and Google with Zoho SMTP. Configuring DKIM was not the solution in this case; instead, the Custom SMTP setup within Zoho Desk resolved the issue. To further enhance security, they could enable Custom SMTP OAuth for a passwordless configuration.
Why did Zylker Techfix Implement DKIM?
Zylker Techfix used organization-level email addresses from a domain procured through their official website. These addresses were used by different departments. However, they faced email bounces due to authentication failures when sending messages via Zoho’s servers. This disrupted their customer support services, as bounced emails prevented ticket creation.
To resolve this, they enabled DKIM authentication in Zoho Desk. The setup was simple:
- Added the DKIM public key as a TXT record in their DNS settings.
- Verified the key using the "Verify" option in Zoho Desk.
- Ensured all outgoing emails carried the DKIM signature to authenticate email communications.
By enabling DKIM, Zylker Techfix significantly improved email deliverability, reduced email tampering, and prevented spoofing.
Now imagine you’re sending the package to your friend through a trusted courier service like FedEx or UPS. If someone tries to deliver a fake package using their branding, the courier service will refuse to accept it.
SPF (Sender Policy Framework) works in the same way—it ensures that only authorized mail servers can send emails on behalf of your domain.
SPF: The "Authorized Courier"
- SPF acts as a list of trusted email servers that are allowed to send emails from your domain.
- When an email is received, the recipient's email provider checks whether it came from an authorized server.
- If the email comes from a trusted source, it is delivered; else it is rejected or marked as spam.
How did Zylker Techfix implement SPF?
Set up SPF by specifying specified email services as their authorized email senders.
To improve security, Zylker Techfix set up SPF records to tell email providers:
"Only emails sent from Authorized email servers should be considered legitimate. If an email comes from another server, don’t trust it!"
The Benefits
Setting up SPF prevented spam, fraudulent emails, and email spoofing while ensuring better email deliverability.
After implementing DKIM and SPF, email deliverability improved, customers received emails without issues, and communication became more secure and professional.
Final Thoughts for Every Business
Whether you’re a small startup or a large enterprise, email security matters. Without DKIM and SPF, your business risks lost emails, email spoofing or tampered messages.
Enable DKIM and SPF today!