DMARC, SPF, DKIM: email deliverability guide for SMBs Cloud & Suites

DMARC, SPF, DKIM: email deliverability guide for SMBs

13 May 2025 1 min read Par ServiTIQ

Lost quotes? Confirmations in spam? SMBs suffer from email fraud as much as from deliverabilityissues. The solution: a well-configured SPF/DKIM/DMARC trio.

SPF — who is allowed to send?

Declare your senders (Microsoft 365, Google, sending tools, CRM) in a TXT record. Key rules:

  • 1 single SPF per domain, < 255 characters per block (use include), ~all at first, -all once confirmed.

DKIM — cryptographic signature

Enable DKIM in 365/Workspace/SMTP service. Publish the public key in DNS. A valid signature strengthens reputation.

DMARC — the policy

Start with p=none with reports (RUA/RUF). Analyze who is actually sending.
Steps:

  • Inventory all legitimate senders.
  • Fix SPF/DKIM until aligned.
  • Move to p=quarantine, then p=reject (gradual: pct=25/50/100).
  • Monitor the reports (DMARC tools aggregating the XML).

Common cases

  • Forgetting a subdomain used by a marketing tool.
  • SPF overloaded by too manyinclude.
  • DKIM active but not aligned with the From domain.

Benefits

  • Fewer spoofing attempts perceived by your clients.
  • Better deliverability (Inbox vs Spam).
  • Visibility on the sources sending on your behalf.
Related articles

Continue reading

Microsoft 365 migration: succeed without disruption (and no surprises)
Cloud & Suites

Microsoft 365 migration: succeed without disruption (and no surprises)

Passer à Microsoft 365 offre collaboration moderne, sécurité renforcée et mobilité. Mais une migration mal planifiée peut casser la messagerie…
Google Workspace 10 politiques sécurité à activer
Cloud & Suites

Google Workspace: 10 security policies to enable on day one

Using Google Workspace? In 60–90 minutes, secure the essentials.

Your infrastructure. Our expertise.

Free infrastructure audit. No commitment required. Response within 24 hours.

Get my free quote Call us