nShift Transsmart has a feature for sending shipment status information directly to your customers. In order to guarantee that these emails reach the intended recipient, it is important that you comply with SPF and DKIM implementation guidelines.
Both SPF and DKIM are used by the receiving email server to verify whether the email originates from a trustworthy source. Not implementing either of them will make it much more likely that your emails are bounced or get marked as spam. On MyTranssmart dashboard you will not be able to activate your email templates unless you have SPF in place. Also configuring DKIM is advisable, but not a prerequisite for the email template activation.
Implementing SPF and DKIM requires creating certain DNS records. DNS entries are public records stored by so-called name servers. They typically help translate domain names to IP addresses, but they can also be used to hold other types of information.
If you are not able to change your company's DNS records, please share the instructions below with your system administrator.
These instructions assume that your email templates use "sample@yourdomain.com" as the ‘From address’. Make yourself familiar with your registrars DNS control panel before making these changes.
Implementing SPF
This requires adding a DNS TXT record that identifies Transsmart as a valid source for your emails.
You need this to create this new DNS record:
domain name : yourdomain.com
type : TXT
value : v=spf1 include:spf.transsmart.com ~all
If you already have an SPF record, you will need to add "include:spf.transsmart.com" before the fail type indicator (~all, -all, ?all).
Verification
You can verify correct implementation by using an online SPF checker. An example is MXtoolbox.
Implementing DKIM
In case of DKIM, the sending server is digitally signing the email with a key. The receiving server then looks for matching DNS records to verify the signature.
Because security guidelines advise a regular rotation of the private keys used for signing emails, you will need to create 2 DNS CNAME records. This allows Transsmart to rotate the key without any impact on the delivery of your emails.
These are the details of those new entries:
domain name : transsmart1._domainkey.yourdomain.com
type : CNAME
value : transsmart1._domainkey.transsmart.com
domain name : transsmart2._domainkey.yourdomain.com
type : CNAME
value : transsmart2._domainkey.transsmart.com
Verification
Also here, there are multiple online tools available to help you with the validation process. A good example is Mimecast. You can use transsmart1 and transsmart2 as a selector in those checks.
Sidenote: It takes time for changes to the DNS system to be implemented. Typically, it can take anywhere from a few hours to a day, depending on your Time To Live (TTL) settings in your registrar's control panel.
Important note: if you wish to setup DKIM with Transsmart (so not any other nShift product), first perform above steps and after this is done, send an email with your domain name(s) to product.transsmart@nshift.com so we can also set it up correctly on our side (generally speaking the same working day). As soon as we have done the setup on our side, emails that will be sent from our platform on your behalf, are expected to have a DKIM CNAME record. If it doesn't exist, there is a big risk the emails will be considered as spam so please stick to these steps.
1 comment
Really good instruction.