Using DKIM & With Third Party DNS

DKIM & SPF records are important services for ensuring that your domain is not delivered to the spam folders of your recipients or even outright rejected. HostGator currently enables these by default for all cPanel accounts. Third party DNS providers may require you to manually add these DNS records.

There are three core steps to adding DKIM & SPF records to your third party DNS provider:

Note: This article is to assist with email accounts hosted on your HostGator cPanel hosting. If you are using a third party email hosting provider, you will need to consult the provider for your email hosting for assistance with DKIM and SPF records.

Ensure DKIM & SPF are Enabled

The first step is to ensure that both DKIM and SPF are working properly on your cPanel:

  1. Log into your cPanel
  2. Click the Email Authentication in the Mail section.
  3. Locate the DKIM section. If the status is not Enabled, click the Enable button.
    Note: If you are already using third party DNS the required DKIM record will be provided here when the service is enabled.
  4. Return to the Email Authentication page if you enabled DKIM.
  5. Locate the SPF section. If the status is not Enabled, click the Enable button.
  6. Return to the Email Authentication page if you enabled SPF.
  7. When your SPF status is Enabled, your raw SPF record will be displayed here, please copy this for step 3.

If your DNS is already pointed at your third party DNS host, you may copy the DKIM record and raw SPF record provided on this page and skip to step 3.

Find and Copy Your DKIM-Signature

If you are currently using HostGator nameservers, your DKIM record will not be displayed in cPanel. To get your DKIM record you will need to be able to view your full email headers.

To do this, you will need to send mail to yourself at an external email address, such as Gmail, Yahoo, or a domain hosted on another server, then check the email headers. Alternatively, you may use a service such as ISnotSPAM.

Once you have the headers from an outbound email, look for this section:

DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=hgunlimited.com; s=default; h=Message-ID:Subject:To:From:Date:
Content-Transfer-Encoding:Content-Type:MIME-Version;
bh=JUmMmS1Lna1PPFKxOCvqS3v+fr8dj4qCwpvucGl1i2o=; b=TNH8rwqFBvZO2m9qcXLollRx82xvvo9RYsfIMl34/k6XMD3WiB6LGMSDCw715EAca6RadiTAq7LtOfAIYhiJ4DE0hPOMnvKGWweypTZLz8cw+x9Zx4I03is55TuxIS5+Vk4g0F5V+gv5Ddr5m8Gni80Yx22aL9qrYkZInBdkU3Z0lTavUgxdLdARscOcS4apQmuOnQfOqOPR8Nof1tg3YhiLs6cTQ/cR+6fT0gngw9+70owkSpY6mydOl1KLDpJBYWHNgyoBFQhx+QqalFZMIj+w2i+3yBdP+EE0nUhBS2J5rxpTett+cfV4Mkmoc88yI1zFYdyld4xBWeeZvgGBmw==;

You will need to copy the entire value after DKIM-Signature: for creating your DKIM record. Once you have both the raw SPF record and the DKIM record, you may proceed to the next step.

Note: Copying the signature may add line breaks which must be removed. Paste the signature into a notepad program with wordwrap off and delete any line breaks until there is only one line.

Add SPF and DKIM Records to Your DNS Zone

Once you have the values for your SPF and DKIM records, you will need to create 2 TXT records at your third party DNS provider:

Record Type Name Value TTL
TXT example.com. 14400 Value for Your raw SPF Record
TXT default._domainkey.example.com. 14400 Value for Your DKIM-Signature
Note: You will need to replace example.com with your domain name, and be sure to include the extra period (.) at the end of "example.com." for both records.

After you have added your new DNS records they should function correctly within 4 to 8 hours if your nameservers are already set to your DNS host, or 24 to 48 hours after you update your nameservers.