IT administrators and security teams
Email Server: How to Configure Mailboxes with SPF, DKIM, and DMARC
Set up managed business mail and publish sender authentication records to improve deliverability.
10 min read · Updated 2026-04-01
Prerequisites
- • Verified domain under your organizational control
- • Mailbox plan with admin access
- • DNS change permissions for TXT and MX records
Implementation workflow
This runbook focuses on a reliable sequence for provisioning and validating the service through the cloud console.
- Create required mailboxes and mailbox groups in the email admin console.
- Publish MX records to route inbound mail to the managed service.
- Add SPF record entries for authorized outbound mail relays.
- Enable DKIM signing and publish selector TXT records in DNS.
- Create DMARC policy and monitor aggregate reports for policy tuning.
Validation and operator checks
After deployment, verify connectivity, security boundaries, and backup posture before promoting workloads to production.
Operator tips
- • Start DMARC with monitoring mode before strict reject enforcement.
- • Avoid multiple SPF records on the same domain.
- • Review mailbox access and forwarding rules during security audits.