Google + DNSimple: domain authentication configuration

Amplemarket Team
Amplemarket Team
  • Updated

In the following video, we will help you configure your Domain while using Google as your Email Service Provider and DNSimple as your Domain provider:

 

 

Setup MX records

MX records are a basic configuration to allow your domain to receive and send emails.

After adding your domain to your Google Admin account you should be able to see it on the Account > Domains > Manage Domains screen.

If your Domain’s MX Records are not configured, you should be able to click on “Activate Gmail”

Google will surface the instructions needed to set up the MX records:

  • Head to DNSimple
  • Select the domain on which you want to configure MX records and under DNS Records click on “Manage”
  • Click on “Add record” and select “MX” as the type of record you want to create
  • Use the following info that Google provided before to make your MX record:
    • Type: MX
    • Name: enter @ or leave it blank
    • Mail Server Host: SMTP.GOOGLE.COM
    • Priority: 1
    • TTL (Refresh Rate): 1 hour
  • Click “Save”
  • Head back to your Google Admin account and click on “Activate Gmail”

MX records should now be set up and you’re ready to create your first Gmail mailboxes. Follow the remaining below instructions to complete the Domain Authentication configuration. 

 

Setup SPF

  • Head to DNSimple
  • Select the domain on which you want to configure SPF and under DNS Records click on “Manage”
  • Click on “Add record” and select “TXT” as the type of record you want to create
  • Use the following info that Google provided before to create your MX record:
    • Type: TXT
    • Name: @
    • Content: v=spf1 include:_spf.google.com ~all
    • TTL (Refresh Rate): 1 hour
  • Click “Save”

 

Setup DKIM

On the Google Admin account:

  • Head to: Google Workspace > Gmail > Authenticate email

 

  • Select the domain you want to authenticate from the ones available in the dropdown list
  • Click “Generate New Record”

 

  • Refresh the page, select the same domain you’re configuring and copy the text that has surfaced. It should look like this:

 

  • Head into DNSimple and navigate to the domain for which we are setting up the DKIM.
  • Find the “DNS Records” section for this domain

  • Select Add to add a TXT record to this domain's DNS. We are going to populate the box that appears with the following values:
    • Type: TXT
    • Name: This will be the DNS Host Name that we copied above (e.g. google._domainkey)
    • Value: This will be the Record Value that we copied above (e.g. all 5 lines that start with v=DKIM1: k=rsa;)
    • TTL: Leave this as the default value or 1 hour
  • Wait for the Success message from your domain provider and then head back over to the DKIM authentication page at Google and click the “Start Authentication” button. Allow it some time to complete, but if you receive an error message, know that it can take up to 48 hours to propagate, so it is okay to wait a while to reattempt. Once you can successfully receive the success message, then you have completed DKIM!

 

Setup DMARC

  • Head to DNSimple and navigate to the domain where we are setting up DMARC.
  • Under the DNS we are going to add a TXT record and insert the following information
    • Type: TXT
    • Name: “_dmarc”
    • Value: “v=DMARC1; p=none”
    • TTL: “default” 
  • Hit Save

Note: the “p” value is the policy. We usually recommend none as it is the simplest. Below are the options you could also use:

  • p=none: The domain owner requests no specific action be taken on mail that fails DMARC authentication and alignment. 
  • p=quarantine: The domain owner instructs that mail failing the DMARC authentication and alignment checks be treated as suspicious by mail receivers. This can mean receivers place the email in the spam/junk folder, flag it as suspicious, or scrutinize this mail with extra intensity. 
  • p=reject: The domain owner requests that mail receivers reject the email that fails the DMARC authentication and alignment checks. Rejection should occur during the SMTP transaction. This is the strictest policy and offers the highest level of protection.

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request