Certainly SPF and DKIM should be your first ports of call when it comes to implementing DMARC and email authentication. You can read what DMARC is and why it's important here.
SPF records are examimed when email receivers check to see if the server that sent the email was authorised to do so by the senders domain. It’s a great way for ISP’s to detect forged email.
As an example, if you receive an email from ‘[email protected]’ from a server with IP address ‘126.96.36.199’, the SPF check asks the ‘paypal.com’ domain if IP ‘188.8.131.52’ should be allowed to send email on it’s behalf.
So how do you get your email authenticated using SPF?
If you use the same domain for your email campaigns that you do for your commercial email. Make sure you check with your IT department and get the IP addresses used for your commercial email too.
You’ll need to copy the SPF record from the wizard and apply it to your DNS as a TXT record.
That’s about it! Your SPF record should now be visible to any organisation you send email to. Don’t forget to check the validity of your record using a tool such as http://www.kitterman.com/spf/validate.html. Any problems will also be highlighted if you’re a Return Path customer using Inbox Monitor, you’ll see it listed under in the Problems column next to each campaign:
Up next in our series on protecting your brand from phishing, we'll discuss how to set up DKIM.