lemlist et ses partenaires utilisent des cookies (ou une technologie similaire) pour mesurer et analyser l'utilisation de notre plateforme et pour diffuser des publicités en fonction de vos intérêts. En cliquant sur « Accepter », vous acceptez ce qui précède. Vous pouvez modifier vos préférences à tout moment dans les paramètres des cookies depuis le pied de page. Pour plus d'informations, consultez notre Politique en matière de cookies et Politique de confidentialité.
Nier
Gérez
Accepter
Gérer les cookies
Analytique
Nous devons mesurer les événements sur ce site Web. Pourquoi ? C'est un peu comme compter les calories pour avoir une bonne ligne.
Publicité
Pas de publicités ennuyeuses qui vous poursuivent sur Internet. Des choses intéressantes et pertinentes, promis.
Social
Si le contenu de ce site Web vous intéresse, nous aimerions rester connectés sur vos réseaux sociaux.
Terminé
Deliverability
What's the Difference Between SPF and DKIM? [2024 Update]
Noel Bouwmeester
June 27, 2024
|
7 min. read
Noel Bouwmeester
LAST UPDATED
June 27, 2024
READING TIME
7 min.
Domain Authentication protocols SPF and DKIM are essential to your email outreach success.
Why?
Because they increase the security of your emails, which is what Internet Service Providers love.
Subsequently, they raise your sender reputation, leading to better open rates and higher ROI for your email outreach.
However, despite their usefulness, people often confuse SPF with DKIM and vice versa. We’ll explain below how they are different.
Find the 7 differences 👨🦰👨🦱
Well, maybe not exactly 7…
However, there are a few essential differences between SPF and DKIM that you should take note of.
In simple terms:
SPF ensures that only authorized servers can send emails on your domain’s behalf, and DKIM ensures that emails are not tampered with during transit.
Let’s start by explaining SPF:
SPF explained 🏫
SPF, short for Sender Policy Framework, lets you specify which servers are allowed to send emails from your domain.
For example:
If you use Salesforce to send emails, you’d add their server to your SPF record.
The SPF record would look something like this:
v=spf1 include:_spf.salesforce.com ~all
With this server authorized, any server other than Salesforce's will cause emails to fail authentication.
In other words, SPF stops email spoofing. Criminals use email spoofing to pretend to send email from a trusted domain.
With the correct settings, emails from unauthorized servers will not reach their intended recipients, helping to make the Internet a safer place.
Since SPF-authenticated emails are deemed safer, they can boost your sender reputation and increase your open rates.
Hopefully, you now understand SPF better. Let’s move on to DKIM:
DKIM explained 👩🎓
While SPF operates on the server level, DKIM is concerned with the email's content.
If an email fails DKIM authentication, it means its content has been tampered with during transit - a sure sign of criminal activity.
DKIM prevents tampering by using public and private cryptographic keys to sign emails digitally.
Your email Service Provider or sending tool provides both keys. The public key goes into your DKIM record, and the private key is only accessible by your ESP.
The ESP usually decides what to include in the DKIM signature. Some of these variables could be:
The from address
The subject line
The body of the email (the actual content)
If any of these variables get altered during transit, the email will fail authentication.
Why you need both SPF and DKIM… and then some!
In 2024, landing in your audience's inbox is harder than ever.
However, a good open rate can be achieved by having your technical setup in order and not sending any spammy content.
SPF and DKIM are part of your technical setup. But you can’t have just one of these. You need both.
In fact, your technical setup doesn’t stop there. You also need DMARC and a Custom Tracking Domain.
SPF VS DKIM in short 🆚
Both SPF and DKIM are implemented through DNS records
SPF provides email authentication on the server level
If an email comes from an unauthorized server, authentication will fail
DKIM provides email authentication on the content level
If one of the predetermined variables’ content differs from what’s in the DKIM signature, authentication will fail
In the SPF record you include the server(s) you allow to send emails from your domain
The DKIM record includes the public key given to you by your ESP or email-sending tool
Typically, through DMARC, another email authentication DNS record, you decide what to do with emails that fail authentication. Unauthorized emails can get a pass (delivered normally), be sent to the spam folder, or get rejected and not delivered at all.
Thanks! You've successfully subscribed to lemlist newsletter
Oops! Something went wrong while submitting the form.
Tutoriels pratiques pour configurer et configurer les enregistrements SPF pour votre domaine de messagerie, y compris Google, Microsoft Office 365, etc.
Improve your email open rates and deliverability with free email deliverability tests that can help your emails reach the inbox and maintain a strong sender reputation.
Améliore les chances que vos e-mails atteignent les boîtes de réception des destinataires, en évitant les filtres anti-spam et en garantissant un engagement optimal.
