Support

Support for business applications

Kaspersky Secure Mail Gateway

General protection settings

Preparing to configure SPF and DMARC Mail Sender Authentication for outgoing messages

Kaspersky Secure Mail Gateway
Нет результатов
Knowledge Base Online Help
Advice & Solutions FAQ Download Buy Renew Forum Contact support Recovery tools

Preparing to configure SPF and DMARC Mail Sender Authentication for outgoing messages

26 April 2024

ID 102273

In order for the remote mail server to be able to perform message authentication when the message sender is Kaspersky Secure Mail Gateway (authentication of the sender of outgoing messages), you have to add the SPF and DMARC records to the settings of your DNS server.

To add SPF and DMARC records to the settings of your DNS server:

  1. Sign in to your DNS server under the administrator account.
  2. Locate the page with information on updating DNS records of the domain for whose addresses you want to configure Mail Sender Authentication for outgoing messages.

    For example, this page can be named "DNS Management", "Name Server Management", or "Advanced Settings".

  3. Find records in TXT format for the domain for whose addresses you want to configure Mail Sender Authentication for outgoing messages.
  4. In the list of records in TXT format, add the SPF record for a certain domain with the following contents:

    <name of the domain for whose addresses you want to configure SPF Mail Sender Authentication for outgoing messages> IN TXT "v=<SPF version> +all>"

    For example, you can add the following string:

    example.com IN TXT "v=spf1 +all"

    For details on configuring settings of the SPF record, see the RFC 7208 document.

  5. In the list of records in TXT format, add the DMARC record for a certain domain with the following contents:

    _dmarc.<name of the domain for whose addresses you want to configure DMARC Mail Sender Authentication for outgoing messages>. IN TXT "v=<DMARC version>; p=<action that the remote mail server will perform on all email messages that do not satisfy the DMARC requirements>;"

    For example, you can add the following string:

    _dmarc.example.com. IN TXT "v=DMARC1; p=quarantine;"

    See DMARC documentation for details on configuring settings of the DMARC record.

  6. Save changes.

The syntax of the sample SPF and DMARC records is provided for purposes of adding it to the settings of a BIND DNS server. The syntax of the SPF and DMARC records to be added to other DNS servers may differ slightly from the examples provided.

See also

General protection settings

About computer protection against certain legitimate applications

Configuring the Anti-Virus module

Configuring link scanning

Configuring the Anti-Spam module

Configuring the Anti-Phishing module

Configuring Content Filtering

Configuring external services

Kaspersky Endpoint Security for Business Advanced: Adaptive security of your company
Web and device controls. Data encryption. Centralized and convenient management from a single console.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.