Neither method is a way to authorise emails. They are simply another anti spam check that the receiving mail server can do to check that the email is not spam.
SPF records are the simplest to set by creating a SPF or TXT record on in your DNS zone that simply lists the mail servers that are allowed to send email for your domain, if the email is sent from a non listed mail server then it maybe flagged as spam.
DomainKeys are more difficult to setup as you need to set it up on both the mail server and DNS zone for the domain. With this system the mail server includes a DKIM signature with parts of your email message, the receiving mail server gets your public key from your DNS zone.
DomainKeys are a better system, but most mail servers do not support it, and only show that the message is sent from a mail server that is allowed to send email for your domain. Mail servers that support DomainKeys will often only give a very low spam score if the email does not have the correct DKIM signature.
Our own mail servers give a score of -2 if SPF of DomainKey is OK, and +2 if not, which means that most emails even if they fail would not be classed as spam unless other indications top the spam score above 10.
The reason for this is that many people don't setup SPF records of DomainKeys correctly, or have workers that will send emails from other SMTP servers, like their ISP's mail servers which would not be listed or not be setup to include the DKIM signature.
Topic Options
Post Options
Thanks(0)
