SMTP Deliverability Settings

If you're using the blackfly infrastructure for outgoing mail (especially CiviMail), please read the following to improve your deliverability.

This is a fairly technical description, feel free to refer your DNS administrator here and/or get in touch if you're unsure of anything.

In this document "" is the domain used for your organizational email addresses. It may or may not be the same as the domain your civicrm is hosted on.

For a more detailed look at how these impact your deliverability, please see this posting

1. SPF

SPF works on the 'smtp-from', which can be and usually is different from the From: header (when using civimail). But may not be for 'transactional' emails generated from CiviCRM.

So there are a few things to do here.

a. Include in your existing SPF record for your domain, something that might look like this:

v=spf1 ~all

b. For Civimail, you'll see something like "via" in your civimails. That's the 'smtp-from' domain (also called the 'bounce domain') and also needs an spf record. It will automatically have an SPF record if you're using one of my subdomains. If it's one of your subdomains, you've probably already had that conversation and set it up, but might as well check.

Note: the "f" depends on which server you're hosted on, it might be a "g" or some other letter.


To add DKIM authentication to your outgoing mail from the blackfly servers, add this CNAME to your domain: CNAME

In other words, create a domainkey record for the selector "blackfly" using the above CNAME method.

After you've done this, please contact us so we can complete the implementation on the server.


To add DMARC authentication, you just add a TXT DNS record that minimally looks like this: TXT "v=DMARC1; p=none;"

You're encouraged to add "rua=mailto:your-email-address-goes-here;" to that CNAME record, so that any complaints go to you (e.g. if someone identifies your mail as spam to their provider).