stackoom
  简体   繁体   中英

SPF / DKIM / DMARC with AWS SES dns setup

 原文  2021-03-12 16:22:25       dns/ amazon-ses/ spf/ dkim/ dmarc

Question

I've been trying to figure out how to set up DNS for the domain that we use to distribute emails via AWS SES API.

Taking domain like example.com I have verified DKIM by using 3 generated CNAME records. I then enabled MAIL FROM Doman , where I was only able to generate subdomain mail.example.com with the following records:

MX
name: mail
value: 10 feedback-smtp.eu-west-2.amazonses.com.

TXT
name: mail
value: "v=spf1 include:amazonses.com ~all"

I also have a TXT record for DMARK as:

name: _dmark
value: "v=DMARC1; p=quarantine; fo=1; pct=25; rua=mailto:dmarcreports@example.com ruf=mailto:dmarcreports@example.com"

For sender email address I use mail@example.com which uses all the same verification.

My DMARC policy specifies relaxed alignment for DKIM as the From header uses email address with plain domain mail@example.com while MAIL FROM subdomain mail.example.com

All emails at the moment bounce back and I'm not entirely sure why. Also - when previewing the bounced message - From shows as From: MAILER-DAEMON@eu-west-2.amazonses.com rather than verified sub-domain mail.example.com - not entirely sure how long does it take for changes to take effect, but everything has been verified a couple of hours ago and it's still failing.

I have the sending email mail@example.com set up with Gsuite - so it also has a set of standard Gmail MX records.

Question

Should I instead remove the SPF TXT record for mail.example.com and instead create one which will include subdomain as well as amazonses.com ?:

TXT
name: 
value: "v=spf1 include:mail.example.com include:amazonses.com ~all"

Anything else that could be done to make it all work? I learn as I go with it so perhaps I miss something obvious, but any help would be much appreciated.

1 answers

solution1
 0  2021-03-19 08:14:33

so actually I think this article can be helpful, but if you cannot find the answer you are looking for, guys from EasyDmarc provide cool support. I had a case and couldn't find answer, they helped me to figure out. So you can contact with them by support chat. https://easydmarc.com/blog/dmarc-step-by-step-guide/

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Validate DKIM, DMARC SPF, MX DNS records for a domain using a script Is the PTR for a mail server using DMARC, SPF, and DKIM only needed on the one main computer with the actual mail server? DMARC/SPF configuration error DMARC DKIM Alignment Setting up dkim setup dns zone syntax error on bind in ubuntu SPF and DKIM records for Mandrill on DigitalOcean SPF and DMARC for domain that should not send any emails AWS Route 53 DNS setup Setting up SPF & DKIM with Parse.com DNS - DKIM wright p param
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM