Setup Proton Mail SPF, DKIM, DMARC Records for Domain Authentication

SPF (Sender Policy Framework) helps prevent email spoofing by allowing domain owners to specify which mail servers are authorized to send email on behalf of their domain.

DKIM (DomainKeys Identified Mail) adds a digital signature to your email headers, enabling the recipient's server to verify that the email has not been altered during transit and that it indeed comes from your domain.

DMARC (Domain-based Message Authentication, Reporting, and Conformance) builds on SPF and DKIM. It allows domain owners to specify how receiving mail servers should deal with emails that fail SPF or DKIM checks.

You can configure these DNS records in the Proton Mail Domain Settings. Add these records to your DNS provider for verification. By doing this, you can prevent emails from going to the spam folder.

Configure Proton Mail DNS Records:

1. On the dashboard, click the Settings icon in the left panel.

   

2. Click the All Setting button.

   

3. In the left navigation menu, go to Domain Names and click Add Domain.

   

4. Write your domain name and click Next.

   

Verify Domain with Proton Mail:

1. Copy the verification record, add it to your DNS provider.

   

2. Login to your DNS provider and select your website (We use Cloudflare for this guide).

   

3. Head to the DNS section and click Add Record.

   

4. Select Record type TXT.

5. Write "@" in the Name field.

6. Copy the verification value from Proton Mail, paste it into the Content field and click Save.

   

7. Click Next, move to the Addresses tab, and click Add Address.

   

8. Select the email address and click Next.

   

Setup Proton MX Record:

1. Select record type MX.

2. Copy the hostname and add it to the Name field.

3. Copy the record value and paste it into the Mail Server field.

4. Select priority 10/20 (as mentioned in the record) and Save.

   

Setup Proton SPF Record:

1. After adding the MX records, click Next. It will take you to the SPF record tab.

2. In the DNS dashboard, select the type TXT.

3. In the Name field, write "@."

4. In the Content field, add the SPF value.

5. Click Save.

   

How to merge multiple SPF records?

To merge multiple SPF records, you can use the DmarcDkim.com SPF merge tool.

1. Open the SPF merge tool.

2. Add your domain name and Proton Mail SPF value.

3. Click Merge SPF Values.

4. Copy the merged value and replace your existing SPF record.

   

Setup Proton DKIM Records:

Proton provides you with three DKIM records, add all of them to your DNS dashboard.

1. Select record type CNAME.

2. Add the hostname in the Name field of your DNS provider.

3. Copy the DKIM value and paste it into the Target field.

4. Turn off the proxy and click Save.

   

5. Add all the DKIM records by following the same steps.

Setup DMARC Record for Proton Mail:

DmarcDkim.com DMARC Check tool allows you to take full control over your DMARC policy and gives you actionable insight at every step of the way. The user-friendly interface helps you manage much more to stay one step ahead of the scammers.

1. Go to the DMARC Check tool.

2. Add your domain name and click Check DMARC.

   

3. The tool gives you an initial monitoring value - add it to your DNS provider.

   

4. After monitoring all incoming emails, it guides you to setup a strict policy to block unauthorized emails.

5. Sign up for the tool to get actionable insights and DMARC reports.

   

Verify Proton Mail DNS Records:

1. Once all DNS records are added, refresh the Proton DNS page.

2. If the records are authenticated, the DNS status next to your domain will turn green.

   

3. If the records are not authenticated immediately, wait for 24 hours.

NOTE: If DNS validation fails after 24 hours, it points to a potential misconfiguration in the DNS setup. Look for any typos in the DNS values and make sure there are no conflicting records.

If you are unable to find the underlying issues, hire a DmarcDkim.com expert to handle your domain authentication hassles for you.