DNS Records
Configure your DNS records properly to authenticate your emails and ensure reliable delivery. All records are essential for email authentication and deliverability.
MX Record (Mail Exchange)
An MX record specifies which mail servers are responsible for receiving email on behalf of your domain. When someone sends an email to [email protected], the sender's mail server queries DNS for the MX records to determine where to deliver the message.
Configuration
| Field | Value |
|---|---|
| Type | MX |
| Host | @ (or yourdomain.com) |
| Value | mx.airsend.one |
| Priority | 10 |
Important
SPF Record (Sender Policy Framework)
SPF allows domain owners to specify which mail servers are authorized to send email on behalf of their domain. Without SPF, anyone can forge emails that appear to come from your domain.
Configuration
| Field | Value |
|---|---|
| Type | TXT |
| Host | @ |
| Value | v=spf1 include:spf.airsend.one ~all |
SPF Policy Qualifiers
| Qualifier | Meaning | Recommended |
|---|---|---|
~all | Soft fail — accept but mark as suspicious | Start with this |
-all | Hard fail — reject unauthorized senders | After confirming all sources |
?all | Neutral — no policy enforced | Not recommended |
One SPF Record Only
Example with Multiple Providers
v=spf1 include:spf.airsend.one include:_spf.google.com include:servers.mcsv.net ~allDKIM Record (DomainKeys Identified Mail)
DKIM allows the sender to digitally sign outgoing emails using a private cryptographic key. The receiving server retrieves the public key from your DNS and uses it to verify the signature, confirming the message was not altered in transit.
Configuration
| Field | Value |
|---|---|
| Type | TXT |
| Host | airsend._domainkey |
| Value | v=DKIM1; k=rsa; p=YOUR_PUBLIC_KEY_HERE |
The public key is auto-generated when you add your domain. Copy it exactly from your Airsend dashboard.
Headers Signed by DKIM
Long TXT Records
DMARC Record
DMARC builds on SPF and DKIM, allowing domain owners to publish a policy for how receiving servers should handle emails that fail authentication checks. It also provides reporting to monitor unauthorized use.
Configuration
| Field | Value |
|---|---|
| Type | TXT |
| Host | _dmarc |
| Value | v=DMARC1; p=none; rua=mailto:[email protected]; adkim=r; aspf=r; pct=100 |
DMARC Tags Explained
| Tag | Description |
|---|---|
v=DMARC1 | Version identifier (required) |
p=none | Policy: none (monitor), quarantine (spam), or reject (block) |
rua | Aggregate report email address |
ruf | Forensic report email address |
adkim | DKIM alignment: r (relaxed) or s (strict) |
aspf | SPF alignment: r (relaxed) or s (strict) |
pct | Percentage of messages the policy applies to (1-100) |
Recommended Rollout
- Phase 1: Start with
p=none— monitor and collect reports without affecting delivery - Phase 2: Move to
p=quarantine— send failing emails to spam - Phase 3: Set
p=reject— block all unauthenticated emails
PTR Record (Reverse DNS)
A PTR record maps an IP address back to a hostname. When your mail server sends an email, the receiving server performs a reverse DNS lookup to verify that the IP resolves to a valid hostname associated with your domain.
How to Set Up PTR
- Contact your VPS or dedicated server provider (not your DNS registrar)
- Request a PTR record for your server IP pointing to your mail server hostname (e.g.,
mail.yourdomain.com) - Ensure the PTR hostname has a matching A record that resolves back to the same IP
- This creates forward-confirmed reverse DNS (FCrDNS)