DNS & Networking Updated Mar 2026

Setting Up SPF, DKIM, and DMARC

Stop your emails landing in spam. A complete guide to email authentication records for Tanzanian businesses.

spfdkimdmarcemail authenticationspamdeliverabilitydnstxt recordemail security

Why Your Emails Land in Spam

The most common cause of business emails landing in spam is missing authentication records. SPF, DKIM, and DMARC are three TXT records that prove your emails are legitimate.

SPF — Sender Policy Framework

Tells the world which mail servers are authorised to send email from your domain. Add as a TXT record on your root domain:

v=spf1 include:mail.sakurahost.co.tz ~all

If you also send via Google Workspace: v=spf1 include:_spf.google.com include:mail.sakurahost.co.tz ~all

Critical: You can only have one SPF record. Merge all sending services into a single record.

DKIM — DomainKeys Identified Mail

Adds a cryptographic signature to every outgoing email. Your email provider generates a key pair and gives you a TXT record like:

Name: default._domainkey.yoursite.co.tz
Value: v=DKIM1; k=rsa; p=MIIBIjAN...

Copy exactly — one wrong character breaks it.

DMARC — Policy Layer

Tells receiving servers what to do when an email fails SPF or DKIM:

_dmarc.yoursite.co.tz  TXT  "v=DMARC1; p=none; rua=mailto:dmarc@yoursite.co.tz"

Start with p=none (monitor only), then move to p=quarantine, then p=reject once you're confident in your setup.

Setup Order

  1. Set up SPF
  2. Enable DKIM with your email provider
  3. Add DMARC with p=none
  4. Monitor reports for 2 weeks
  5. Move to p=quarantine, then p=reject
Sakurahost Business Email customers: We pre-configure SPF and DKIM for you. Contact support and we'll add DMARC to complete your setup.

Ready to start sending?

Create your account, fund your wallet, and send your first SMS in minutes.