SMTP Deliverability Settings

If you're using the blackfly infrastructure for outgoing civimails, please add the following DNS entries to improve your deliverability.

This is a fairly technical description, feel free to refer your DNS administrator here and/or get in touch if you're unsure of anything.

In this document "yourdomain.org" is the domain used for your organizational email addresses. It may or may not be the same as the domain your civicrm is hosted on.

For a more detailed look at how these impact your deliverability, please see this posting

1. SPF

SPF works on the 'smtp-from', which can be and usually is different from the From: header (when using civimail). But may not be for 'transactional' emails generated from CiviCRM.

So there are a few things to do here.

a. Include spf.civicrm.ca in your existing SPF record for your domain, something that might look like this:

v=spf1 include:spf.civicrm.ca include:aspmx.googlemail.com ~all

b. If you're not using a custom bounce domain you'll see "via yourdomain.f.civicrm.ca" in your civimails. In that case, you don't need any more special records (because you're making use of one of my subdomains for your smtp-from). But to make that look nicer, I suggest that you set up a CNAME record for a subdomain in it's place. To do that, add a cname something like 'secure.yourdomain.org CNAME f.civicrm.ca'.

Note 1: the "f" depends on which server you're hosted on, it might be a "g" or some other letter.
Note 2: the "secure" has to be a subdomain that is not currently used for email. If you're hosting your civicrm with us on a subdomain of yours, then that's almost always the right choice.

2. DKIM

To add a DKIM record to your outgoing mail, add this CNAME to your domain:

blackfly._domainkey.yourdomain.org 900 IN CNAME blackfly._domainkey.dkim.blackflysolutions.ca

In other words, create a domainkey record for the selector "blackfly" using the above CNAME method.

Note: this improvement is not specific to civimail and is used and useful for all mails sent from your domain though my servers.

After you've done any of this, please contact us so we can complete the implementation on the server.