To improve deliverability, you need to tell the world that our IP-addresses used for sending e-mail in your name are authorized to do that.
SPF (= Sender Policy Framework) is a method used to protect a domain from being used by unauthorized senders (e.g. spammers).
When we send an email with a from-address ending in your domain your SPF-records need to show that our servers are authorized to do that. This allows spam-filters to rely on that the email has really been sent from you. This increases the chance of your email not ending up in the recipient’s junk-mail.
If your company already has an SPF-record for your domain (i.e. the domain you’re using as reply-to in your emails) you simply add include:_spf.ungapped.email before the parameter ~all in your existing SPF-record.
If your company doesn’t have an SPF-record then add a TXT-record in your DNS with the value: v=spf1 include:_spf.ungapped.email ~all
Do not add more than one SPF-record for your domain. If your already have one like:
“v=spf1 a mx include:_spf.google.com include:spf.protection.outlook.com ~all”
all you need to do is add the Ungapped domain * just before ~all i.e.:
“v=spf1 a mx include:_spf.google.com include:spf.protection.outlook.com include:_spf.ungapped.email ~all”
NOTE: In case you reach the limit of SPF-records included, maybe you need to include the unique IP address you get assigned by Ungapped.
DKIM (= Domain Keys Identified Mail) is an email authentication technique that allows the receiver to check that an email was indeed sent and authorized by the owner of that domain. This is done by giving the email a digital signature. This DKIM signature is a header that is added to the message and is secured with encryption.
To allow authorize Ungapped encrypted emails add a subdomain to your domain pointing to our DKIM-signature:
Create a CNAME record for key1._domainkey.example.com with this value: