![A stick figure smiling](/images/welcome.jpg)
Here's a preview from my zine, How DNS Works! If you want to see more comics like this, sign up for my saturday comics newsletter or browse more comics!
![Image of a comic. To read the full HTML alt text, click "read the transcript".](/images/uploads/mx-records.png)
read the transcript!
there are two important problems in email
From: Kermit @frog.com
To: julia@example.com
- Make sure the message gets to the right recipient. This is what MX records are for.
- Make sure the sender didn’t lie about their From: address. This is what SPF, DKIM, and DMARC records are for.
SPF/DKIM/DMARC are very complicated but we’ll give a tiny incomplete summary.
MX records tell you the mail server for a domain
$ dig +short MX gmail.com
5 gmail-smtp-in.l.google.com.
5 is the priority
google.com is the server’s domain name
copy and paste your MX records
Illustration of a smiling stick figure with curly hair.
person: you’re probably using an email service like Fastmail/Gmail, so just copy the records they tell you to use
tiny guide to SPF/DKIM/DMARC records
SPF: list of allowed sender IP addresses
Example: v=spf1 ip4:2.3.4.5 -all
DKIM: sender’s public key
Example: v=DKIM1; k=rsa; p=MIGFMA0GCSqGSI.......
DMARC: what to do about SPF/DKIM failures
Example: v=DMARC1; p=reject; rua=mailto:dmarc@example.com
Saturday Morning Comics!
Want another comic like this in your email every Saturday? Sign up here!