CorpInfoTech Blog | Resources and education regarding the latest in cybersecurity and compliance!

How to Set Up SPF, DKIM, and DMARC Using Google Workspace

Written by Waits Sharpe | Feb 1, 2022 9:57:00 AM

Your emails are important. It's how you conduct business, set up meetings and work on projects with other companies. Because of this cyber criminals may impersonate your domain to try and breach another organization. 91% of cyber attacks start with a phishing email which is why you need to make sure that no one is using your domain to send malicious emails. One way of doing this is through setting up SPF, DKIM, and DMARC in your Google workspace.

How to set up an SPF record

SPF stands for "sender policy framework" and is a protocol for validating emails coming from the domain it claims to. Setting up and SPF record is relatively simple in Google Workspace just follow the next steps:

  1. Sign into your admin console for your domain.
  2. Find the advanced DNS record settings
  3. Create a TXT record and assign the value v=spf1 include:_spf.google.com ~all
  4. Save your changes
How to set up a DKIM record

Setting up a DKIM (Domainkeys identified mail) is the next step in securing your email domain. A DKIM record is a signature that attaches to all of your emails proving it came from the right place. If someone is trying to use your domain without that signature it will be denied or marked as spam. Setting up a DKIM record consists of several steps. First create a DKIM domain key:

  1. Open up Google Workspace Admin console. Select Apps > Google Workspace > Gmail > Authenticate email
  2. Select your domain from the drop-down list and click the generate new record button
  3. Copy the text

Next you'll have to create a record to tie the key to your domain:

  1. Login to your domain provider's admin console
  2. Find advanced DNS settings page
  3. Creat a TXT record with the name google._domainkey. Next assign it the values created in the first step. Example:  v=DKIM1; k=rsa; p=ALb9a35QAA35in7qDAB
  4. Save and update the settings
How to set up a DMARC record

The last step is to create a DMARC record which stands for "Domain-based message authentication, reporting and conformance" record. DMARC is built off of both SPF and DKIM record so the first two sections are important to do beforehand. The next steps include:

  1. Login to your domain providers admin console
  2. Locate advanced DNS settings page
  3. Create a TXT record with settings you want to apply to your DMARC record
  4. Save all changes

The steps to securing your domain in Google workspace are relatively easy to set up you just need to know how. The best part is that if you want to make sure you get it right CorpInfoTech is ready and willing to help secure your email domain. If you require help feel free to contact us today

CorpInfoTech, a Managed Service Provider (MSP) with over 25 years in the SMB space, is a trusted partner for business pursuing compliance and cybersecurity. We are a CMMC Level 2 (C3PAO) certified MSP and a Cyber AB Registered Provider Organization (RPO). Also, as the first CIS accredited organization, we help organizations implement the CIS controls as it pertains to CMMC and your overall cybersecurity posture. CorpInfoTech is your trusted partner for secure, compliant growth in every changing digital landscape.
View full post