How to Set Up/Modify SPF for Zendesk
The following description addresses how to update a Domain Name Service (DNS) record to use SPF with your custom domain in Zendesk.
To utilize a custom domain, the Zendesk provider requires an SPF TXT record be added to the DNS record. This TXT record is then used by DNS to recognize email servers allowed to send messages on behalf of your custom/third-party domain. To determine whether a correspondence from the specified domain comes from an authorized messaging server, the recipient system relies on the implemented SPF TXT record. At that point, the message is either accepted, quarantined, or rejected by the email receiving system.
To implement SPF authentication for your domain, you will need access to your DNS records in the domain hosting account. Important: If you already have an SPF record, then you should modify that existing record. You must not have more than one SPF record.
For convenience, be sure to log in to your Zendesk account to verify your domain and copy your TXT records. Zendesk utilizes an include mechanism during the set-up process. For example, the following scenario is the most common and would pass SPF:
v=spf1 include:mail.zendesk.com ?all
If you send email from IP 1.2.3.4 for the domain “yourcompany.com” and that domain’s SPF record includes mail.zendesk.com and the IP address passes the SPF record, this mechanism will pass.
As mentioned, if you already have an SPF record set up (and because only one SPF record is allowed per domain), you can simply add a reference to Zendesk to it. For example, instead of having two separate records, combine them into one:
v=spf1 include:_spf.google.com include:mail.zendesk.com ~all
How to Set Up/Modify DKIM for Zendesk
Zendesk allows DKIM authentication. Email service providers that support DKIM check inbound email to verify whether an organization that claimed to have signed a message actually did. To create a DKIM record for your domain name, do the following:
1. Log in to your domain registrar’s control panel
2. Find option to change DNS records
3. Locate CNAME records for your domain
4. Create CNAME record with values:
Host Record – zendesk1._domainkey.yourcompany.com (Substitute your domain name as needed)
Points To – zendesk1._domainkey.zendesk.com
5. Create second CNAME record with above values (*Use “2” instead of “1” in this record)
To enable digital signatures in Zendesk, follow these steps:
1. Click Manage and select Email from Channels category
2. Scroll to Custom Domain for DKIM and select Enable
3. Click Save
As a user of this outbound email provider, Zendesk customers are afforded DKIM signing because it supports that mechanism. By utilizing Zendesk’s self-service portal, you can manually set up DKIM at your convenience via CNAME records mentioned above. Overall, this Zendesk product provides beneficial components (e.g., DKIM signing, self-service set up with CNAME records) that result in a streamlined process.