Amazon SES SPF and Dkim Setup Tutorials

SPF and Dkim settings are for the domain name mailbox (public mail will not give you permission to modify DNS), the main role is to prevent mailbox forgery improve the message credit

First add the domain name to Amazon and verify

After adding, the method of domain name verification is given, which is to add a TXT record in the DNS record

To domain DNS Management

Click Refresh, the general record is added soon after the automatic verification through

Introduction to SPF

SPF is the sender Policy Framework. SPF prevents others from forging you to send emails, and is a solution for anti-counterfeiting messages. When you add an SPF record to the DNS of your domain, the recipient will determine whether the IP address is included in the SPF record based on your SPF record, or if it is a correct message, otherwise it is considered a forged message.

Detailed usage and introduction

SPF Add method for Amazon SES

Adding text records in DNS

1	v=spf1 include:amazonses.com -all

Explain:
Version of V=SPF1SPF. If you use the Sender ID, this field should be V=SPF2
Include accept ISP as amazonses.com to send letters
-all In addition to accept the include, the others do not recognize, you can also use ~all soft failure, indicating that the other can pass, but will be marked

Note: Amazon ses add more details about the SPF http://docs.aws.amazon.com/ses/latest/DeveloperGuide/spf.html

About Dkim

The basic working principle of DKIM is based on the traditional key authentication method, he will produce two sets of keys, public key and private key (private key), the public key will be stored in DNS, and the private key will be stored in the sending server. The private key is automatically generated and attached to the message header and sent to the sender's server. The public key is placed on the DNS server for automatic access. The receiving server will receive the private key that is entrained in the message header and obtain the public key on the DNS itself, then make comparisons, compare the legal name of the sender, and, if it is not legal, the spam message. Since digital signatures are not counterfeit, this technology will be a deadly blow to spammers.

We use Amazon's easy DKIM to get Amazon to help us with our signature work.

After clicking Generate

Add corresponding records to the Domain name management panel

After the parsing is successful, turn on Dkim

After using Dkim, the word "email protected" will be removed when sending mail to Gmail.

Note: Amazon ses easy dkim in detail http://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html

Amazon SES SPF and Dkim Setup Tutorials