Netigate Success Center


Understanding DMARC, DKIM, and SPF

DMARC (Domain-based Message Authentication, Reporting and Conformance), DKIM (DomainKeys Identified Mail), and SPF (Sender Policy Framework) are key email authentication protocols that collectively safeguard against unauthorised entities sending emails from a domain they don’t control.

Think of DKIM and SPF, like a business’s license or a physician’s medical certification displayed in an office, serving as proof of authenticity.

DMARC, on the other hand, instructs email servers on the actions to take if DKIM or SPF checks fail. This could involve flagging such emails as ‘spam’, allowing them through, or rejecting them entirely.

Without proper configuration of SPF, DKIM, and DMARC, domains risk their emails being trapped in spam filters or not reaching their intended recipients. Additionally, this leaves them vulnerable to impersonation by spammers.

In simple terms, a domain is a web address, such as ‘’, and forms the latter part of an email address, like in ‘‘.

Using DKIM and SPF in Netigate.

The Netigate platform allows our customers to send surveys from their own domain. Many customers’ domains are not configured correctly; some are missing a valid SPF (Sender Policy Framework) record, others are missing a valid DKIM (DomainKeys Identified Mail) record, and some customer domains are missing both SPF and DKIM records. 

Having valid SPF and DKIM records is becoming increasingly necessary due to the demands for email security and integrity from global email providers, such as Microsoft and Google.  

A valid SPF record for your domain: 

  • Helps prevent Email Spoofing and Phishing 
  • Enhances Email Deliverability 
  • Protects Brand Reputation 

Implementing DKIM offers several important benefits for your email communications, including: 

  • Authentication and Sender Verification 
  • Message Integrity 
  • Brand Protection 

What will happen if I do not have these records?

If neither of these records are correctly implemented for your domain, it is highly possible that Google and/or Microsoft will consider emails from you as suspicious and may choose not to deliver them to your Customers/Employees. Also, as Netigate sends these emails on your behalf, Google and Microsoft may consider any further emails from Netigate as suspicious and could refuse to accept any further emails from our platform entirely. 

Because of these requirements for valid SPF and DKIM records, we are strongly encouraging all customers wishing to use their own domains, to ensure they are configured correctly.

For configuring DKIM, please see here: 

And for configuring SPF, please visit here: