A TXT record with the following value can be added to cloudflare or equivalent DNS provider:
value: domainname.com
content: v=spf1 include:sparkpostmail.com ~all
The above is for sparkpost. Similarly for mailgun, it will be:
name: domainname.com
content: v=spf1 include:mailgun.org ~all
In cases where SPF is needed for multiple mail providers, we can specify like so:
name: domainname.com
content: v=spf1 include:mailgun.org include:sparkpostmail.com ~all
We need to add a TXT DNS record with the following value to the Cloudflare or equivalent DNS provider:
name: _dmarc
content: v=DMARC1; p=none; rua=mailto:[email protected];
It's important to note the value for mailto:. This should point to a valid email address which should be part of the same domain we are configuring, usually [email protected].
Another important part to note is the value of p in the DMARC record. Initially it has to be set to none. And after 2 weeks it needs to be set to quarantine and again after 2 weeks it needs to be set to reject. We need to do this
to properly allow the DMARC policy to warm up before "rejecting" unauthenticated or spoofed emails.
DKIM is setup by default for Sparkpost while configuring the domain for sending from Sparkpost. So a valid TXT record will be provided by Sparkpost when configuring a domain which can be added.
Domains are created in Sparkpost for sending here https://app.sparkpost.com/domains/create?type=sending after creating a domain, SparkPost will provide the necessary TXT record for configuring DKIM
https://helloinbox.email will be checking the DKIM record for the name default._domainkey. But DKIM record can be any record that matches the format *._domainkey. Sparkpost provides scph0222._domainkey as the name of the TXT record.