SPF and DKIM authentication for domains

Domain Verification is a pre-requisite in TransMail to stop misuse of Domains. These verifications ensure that your email lands in your recipient's inbox and not in their spam folder. To verify your domains, it is mandatory to set up both SPF Record and DKIM Record. Without this verification, you will not be able to send emails using your domains in TransMail.

TransMail makes SPF and DKIM mandatory in-order to ensure high deliverability and avoid spams.

  • TransMail uses its IPs to send emails only from verified domains. By making SPF mandatory, TransMail IPs reputation are not compromised due to a spammer.
  • ISPs use DKIM to track the domain sending history. This way ISPs build the domain reputation. Domain Reputation determines the successful delivery for your emails i.e. emails are delivered to the recipient's inbox and not to the spam folder.


When you send your transactional emails using TransMail, your recipient mail server will want to know whether TransMail has the permission to use your domain to send emails. Your recipient MX server will use Sender Policy Framework (SPF) to validate this. You will be able to send emails from verified domains only.

The general SMTP (Simple Mail Transfer Protocol) method of email sending by itself does not have any sender domain validation methods. So it becomes essential to have SPF to validate the authenticity of the email sender.

Configure SPF records for TransMail 

When you send an email from your domain using TransMail, the recipient email server looks up the email domain from the mail-from address in your email. It then checks with the DNS whether the email sending IP is authorized to send messages from this mail-from domain. If this is true then the email clears the SPF validation and is placed in the recipient inbox. You can learn to configure SPF for your domains added to TransMail in the domain verification section.

You can publish the SPF records for TransMail in your DNS as a TXT record. The TXT record will vary slightly based on the type of domain you use, as given below:

 TXT host/ nameTXT Value
Main domain (E.g., zylker.com)@/ blank v=spf1 include:transmail.net ~all
Sub domain (E.g., invoice.zylker.com) Sub-domain name* (E.g., invoice)

* - You need to add either the complete domain (subdomain.domain.com) or just subdomain name here. This depends on your DNS provider. 


If you have an already existing SPF TXT record configured for TransMail as "v=spf1 include:zoho.com ~all", then you should not create a new SPF TXT record for TransMail. If the new SPF TXT value is "v=spf1 include:transmail.net ~all", then modify your existing DNS SPF TXT record value to "v=spf1 include:transmail.net include:zoho.com ~all".


Your transactional email messages can get altered during transit. DKIM (DomainKeys Identified Mail) is a method that will protect your email messages. Every domain will have a public and private key. Public key is stored in the DNS. Using the domain private key, the sender encrypts the email message. When an email recipient server receives a mail from a particular domain, it checks with the DNS for domain authenticity and pulls the respective public key. The recipient mail server will decrypt the email message using this public key.

You will receive your SPF, DKIM and CNAME records while verifying your domain in TransMail as shown below:

Visit the domain verification section to learn how to set up DKIM for your domains.


Before you get started it is important to know that TransMail is for sending transactional emails like welcome emailers, password resets emails, OTPs. We do not support sending of bulk emails or promotional emails like newsletters or marketing campaign emails. If you are looking for a bulk email provider, check out Zoho Campaigns.