Bill Hartzer

Email Deliverability, Setting Up DMARC, DKIM, and SPF on Your Domain

In episode 46 of the Digital Marketing with Bill Hartzer podcast, I talked about Email Deliverability. If you send or receive email from your domain name, it’s important to make sure you have DMARC, DKIM, and SPF records set up in your DNS. This will help make sure that your emails are delivered when sent, and no one can spoof your domain name.

You can listen to the Digital Marketing with Bill Hartzer podcast on Apple Podcasts, Amazon Music, iHeartRadio, and on Google. The video is also available on YouTube, on my YouTube Channel.

Transcript from the Podcast

Below is the full transcript from episode 46, Bill Hartzer on Email Deliverability, Setting Up DMARC, DKIM, and SPF.

Bill Hartzer (00:01):
Hi, this is Bill Hartzer. And this is the digital marketing podcast with Bill Hartze for Thursday, October 29th, 2020. And this is I believe is the 46th version the 46 version or episode, I should say, of the digital marketing podcast with Bill Hartzer. And today I want to talk specifically about email deliverability and we think about you know, digital marketing and so forth. And with digital marketing, I usually talked about search engine optimization as well as social media and I’ve had content guests. I have had people talk about content, social media topics, paid search PPC, Facebook ads, SEO. I’ve talked specifically about optimization on your website, internal links, but I think it’s most important actually to talk specifically and realize that part of digital marketing specifically is email deliverability and a lot of people don’t you know, don’t really think about email deliverability and it’s one thing that honestly I didn’t really know too much about.

Bill Hartzer (01:36):
Until I started talking a little bit more with a friend of mine, a long time friend of mine named Chris, Chris Lang, who I have one of these days, I’ll get Chris onto the digital digital marketing podcast with Bill Hartzer. And we’ll go through some really terrible things with email deliverability. But in fact, actually what I want to do is specifically about the, kind of the high level aspects and parts of making sure that when you send an email, whether from your domain name, I got or you know, bill@billhartzer dot com. And, you know, those are my own, you know, it’s not a Gmail account I’m using, I’m using my own domain name or my agency domain name, or my company domain name and email deliverability is kind of a niche that is becoming more and more popular.

Bill Hartzer (02:44):
And there are some experts out there that talk specifically and help you make sure that when an email is sent from your domain name, it is received by the person who you’re sending it to and see, it is getting tougher and tougher to send an email or to send an email through your email newsletter, or maybe offers to your customers or potential customers or people who are on your list. It’s more getting more in difficult, over and over and getting extremely difficult in a lot of cases to make sure that when you send that offer or send that email, whatever format, you know, format is in that the receiver actually receives it in their inbox. So there’s a, there’s a few things that every domain, I don’t care if you have a news, an email newsletter or not, or if you have a, you know, you send five emails a month or 5 million emails a month, it doesn’t matter. There are three settings, three things that you need to do to make sure that there’s a better chance that your email is delivered when you send

Bill Hartzer (04:10):
So there’s a few things that I want to go over. The first thing is I want to mention I’m DN Protect. So is a service that I developed the algorithm behind. It’s your credit score for your domain name. And we don’t really look at, in this algorithm to figure out, okay, how risky your domain name is. We don’t really specifically talk about, or look at things on your website. We’re concerned more with the settings and how you’ve set up your domain name and what it comes down to sending up the domain name. There are certain factors that make sure that you won’t are there risk factors. And for example, if there’s a certain time, you know, you need to register your domain name for at least a few years in the future. Because if you just, if it, if it’s only registered and it’s going to expire soon than you’re probably going to have, you know, it’s going to be risk riskier than whether you not, you’ve registered that domain name for, you know, two, three, five, 10 years or, or forever and Epik. As the only registrar that allows you to register your register, your domain name for one price, but forever, essentially you will never have to pay a renewal or renewal fee in the future. So you essentially won’t lose your domain name because of the fail you failed to renew it.

Bill Hartzer (05:52):
The other issue is there are records like DNSSEC, every no main that has a website needs to have DNSSEC enabled essentially gives essentially more security to your domain name and it secures the DNS, the domain name system. Essentially what happens is, is when you type in a domain name into a web browser, there’s a lookup that happens. And that lookup essentially looks at a table of data and says, okay, the information, and the files for this website are at this IP address at this particular location, it does a quick lookup. Well, we can actually in that whole DNS process and so forth, the same thing happens with email and emails that we need to know it, you know, the system needs to know essentially where you know, where to get that email and, and w where to pull it from what IP address and where the domain names are located and points to.

Bill Hartzer (06:59):
So DNSSEC, actually kind of essentially encrypts and secures that whole backend system. And we, you know, it’s not something you or I see it’s, it’s not related to. It is not related to HTTPS. I, you know, having a secure website, it’s actually more on securing the domain itself. And I would really wish, frankly, that more domain owners like yourself, if you have a domain name that you need to make sure that DNSSEC is enabled on your domain name and the way you do that is you basically contact your registrar, your domain name, registrar, wherever it’s registered to, and wherever it’s registered whether it being that Epic or, or network solutions or dot stir, or name silo, Namecheap wherever it is. W w wherever the domain is, you need to actually make sure that they turn it on for you, and it should not cost anything.

Bill Hartzer (08:02):
It’s just a matter of, you know, sometimes opening up a support ticket with them and ask, asking them to turn it on. And there are some registrars were basically allow you to log in and, and turn it on. That’s kind of rare, but it needs to be turned on. And so when something, something that you can do now to kind of help secure your domain name in the background and so forth. So the other parts are, is, is related to email. And, you know, I sent I was talking to earlier about about email deliverability, and that’s what this episode is concentrated on. And DNS sec is, is one area. It was happy to secure your domain and the domain name records and the D you know, domain name system that we call the DNS. And actually so there’s three parts DMARC, DKIM and SPF.

Bill Hartzer (09:04):
And those basically are essentially a way to show the servers that when an email is sent from your domain name and I’m using, as the example, when I send an email and I want to make sure that the receiving web server knows that I’ve essentially digitally signed that email. And in that case, when I send the email out, I’ve digitally, sign it to say, okay, this is the IP address. This is the, this is the domain name associated with this particular web server. And that’s where the email should originate from what can happen is that somebody else who could actually spoof my domain name, or they could fake that, they’re sending an email on my behalf. And so you might, you could receive an email that says it’s from, but it’s actually, it’s an email that I didn’t really send to you.

Bill Hartzer (10:27):
And so this is you know, important because of the fact that if you have these records enabled, there’s much more, you know, it’s, your email is essentially digitally signed or signed, and it’s more trustworthy. There’s a better chance that somebody who is receiving that email will actually get that email, because when it, when I’m sent out that email, when I send it out, it’s, it’s digitally signed from my server, so that it actually helps that how the receiver and web server actually say, okay, this is, this is an email that’s more trusted. And so, yes, I’m going to deliver it and put it in their inbox essentially. It’s not a guarantee. I mean, it’s not a guarantee that it’s going to go to spam, but it’s it’s, it’s at least puts you at a very big advantage because you’re setting this up.

Bill Hartzer (11:41):
And this is a setting that these are three settings that need to be added essentially fairly easy to set these up. And there’s kind of two parts to it. DKIM and the SPF records, those can actually be gotten from your web host, for example, if you’re using cPanell you can generate your web server will generate those records and your web hosts can actually help you generate those records. But in particular, if you, if you use C panel and WordPress, which is fairly common nowadays, you can go into your C panel and you actually click on email deliverability and go through, and that will actually allow you to generate the records. And you literally copy thou stray of characters, and you’ve put those in the DNS. So if you’re using CloudFlare, for example which is a popular system, you know, popular system for handling DNS, but also for handling know essentially content delivery network, which makes your website load faster wherever your DNS is.

Bill Hartzer (12:56):
And you, you kind of need to figure that out. And if you look at your, who is record, you can look at the name servers and, you know, and basically you’ll be able to see whether or not those are, for example, pointing to CloudFlare, or if they’re pointing to your, you know, your particular web server or your web host that would probably be somewhere where you’d add those records. You can also add them if they might be actually at your registrar, if you’re using Epik or, or GoDaddy, or Network Solutions, they might be hosting your DNS. So that’s where essentially go into that area and you add a record. So you would specify that as a TXT record and you copy, literally you copy the data from the SPF record that was generated, and you just paste it in there and hit save same thing for the Kim.

Bill Hartzer (13:55):
I have actually also been usefully for DMARC DMA RC. Essentially as a way to, you know, is also, you know, part of email deliverability, and you want to have a DMARC record as well. That essentially is, is think about it as it looks at all your emails, not the content of it, but it basically says, okay are there any emails, any errors so sending or receiving these emails, and if there are any, then it’s, then it’s saved in a particular location. And there are certain services like DMARCian that essentially help you handle your DMARC records. You can, you can log in there and it will, it will analyze your records and analyze any errors sending and receiving. I guess it does, it doesn’t really look at the content of the email itself, but it looks at kind of the behind the scenes, if you will, and looks at that area.

Bill Hartzer (15:03):
So again, there are basically a couple of different records DMARC, DKIM, and the SPF records that need to be added to the DNS of your, and the S you know the domain name system of your particular domain name once you’ve done that, it’s kind of a one-time process. It should we only take once you actually, yeah. Know how to do it, it’s, it’s literally probably less than two or three minutes to copy and paste those and put them in the domain. A lot of it is just, you know, it’s just that a lot of the fast, the time is involved as just knowing where the records are and then, and, and getting to in generating the record, clicking and copying and pasting. So if you know how to do this, and you’ve done it for one domain, it’s fairly simple to do it for other domains.

Bill Hartzer (16:03):
I only, you know, while I do believe that you should set up those records, especially DKIM and SPF as well as DMARC, they all should generally speaking. They should be set up for all your domains. Even though you may not necessarily have a website and because of the fact that we don’t really want people to be able to spoof our domains and say that, you know, pretend that they’re from another, from your domain name and setting, sending email spam, you know, from your domain. Another way to check if you’re on email black lists, look at you can run a DN protect and, and get your domain name score there because DN protect will not only check, check the DMARC and SPF and DKIM records, but it also will check to see if you’re on any of the, any of the major email blacklists.

Bill Hartzer (17:05):
Yeah, you will not be able to send and receive, but nobody will, no one will receive your emails if your domain is blacklisted and he might have even issue sending potentially there could be even, you know, even other consequences you know, maybe a web host might not, what do you mean to deal with you if you’re sending or receiving spam? So you want to make sure you’re not on those email blacklists MX toolbox is another place to go. But essentially DN protect. We’ll pull all those and aggregate it for you and tell you whether or not you have an email blacklists problem or not. So now the way and so D Mark D. Kim SPF records Dan protect Scott com to check those, if you have them be don’t, then you’ll need to set them up. And so the spot bout as much time I have for the digital marketing podcast, digital marketing with Bill Hartzer podcast for this afternoon, if you have any questions about setting those up even why, you know, you need to set those up and, you know, even what they mean or anything like that. She mean, you know, you can certainly get in touch. I’m @bhartzer on Twitter.

Bill Hartzer (18:33):
You can get in touch with me. or as well. And also don’t forget to hit that subscribe button here because every week I do have a new episode of the digital marketing with Bill Hartzer podcast, as well as I do have my digital digital summit t-shirt on today from the digital summit conference. And as well as like, and this post as well. If you’re seeing this on YouTube, so again set up your DMARC DKIM and SPF records, and let me know if you have any questions and hopefully once you get those set up and validated and so forth you can you can validate them at DNS at Thanks again, this is the digital marketing with BillHartzer podcast. We’ll talk to you next week, and hopefully you’ll get all of this set up. And when you send and receive emails we will get them in our inboxes.

Exit mobile version