DNS
To prevent your mailserver from being recognized as spam, you should add all necessary DNS records like SPF, DMARC and DKIM. Please note that you will have to adapt our recommendation to your needs. This applies in particular if another mailserver also sends emails from your domain. To test whether your DNS records are correct, you can use tools such as mail-tester.com.
Recommendation
The following DNS example contains all the necessary DNS records.
# Name Type Value
IN MX 10 mail.example.com
#│ └─> Hostname of the mailserver
#└─> Priority of the mailserver
IN TXT v=spf1 mx -all
#│ └─> reject all mails from other servers
#└─> allow mails from mailserver listed in MX record
_dmarc IN TXT v=DMARC1; p=reject
#└─> reject all mails that fails SPF or DKIM test
dkim._domainkey IN TXT v=DKIM1; k=rsa; t=s; s=email; p=YOURKEY
#│ #└─> Public Key of the DKIM key
#└─> Selector, depends on the key # See below how to generate a DKIM key
# you created (default: dkim)
Warning
Please make sure to include all other servers in your SPF record that should be able to send emails from your domain.
Generate DKIM Key
Mailcow generates a random DKIM-Key for each domain. Follow the steps below to read out the pre-generated Key for a domain-name:
Log in to your Mailcow as either a domain admin or global admin
Navigate to “E-Mail” -> “Configuration” (in the menu on the top-right corner)
Locate the domain-name for which you need a DKIM-Key and click the blue “DNS” button at the right end of the row
In the DNS details for this domain, Mailcow shows you the DKIM-Key it generated for this domain name
Copy that long blob of text (starting with
v=DKIM1;...) and set that in the DNS zone for this domain name
After adding the DNS record, you can validate via the above procedure and look at the right colum in the DNS details of the domain to see the current state.
Please be aware that DNS changes can take a certain amout of time to be propagated and recognized by Mailcow.