DKIM & SPF Setup


DomainKeys Identified Mail (DKIM) is an authentication method used to confirm that no changes were made to the content or sender information during the transmission of the message. The sender encodes the original message into a "DKIM signature" using a private key, and recipients use the sender's public key to verify that this signature matches the received content. 


DKIM set-up 

A custom DKIM signature is not mandatory to send messages via GetResponse. Messages can still be sent with a sender address of the respective domain, which are then sent with a GetResponse DKIM key. The sender email address is then displayed (depending on the email client used) as " via". 

Configuring DKIM for a custom domain can significantly improve email marketing communications by authenticating messages that use the sender address of a specific domain.  

  1. All references to GetResponse in the sent messages are hidden, which would otherwise always be visible to Gmail and all Microsoft tools ( and Microsoft Outlook). Only one sender email address is now displayed in the messages. 
  2. A separate reputation is built up for this domain, so that the deliverability of the messages can be increased even further. 
  3. If DMARC is to be used or is already in use, this must be set up before starting to send messages via GetResponse. 

Adding a DKIM record for a domain 

This process may vary depending on where your domain is hosted. To add a DKIM record, the following steps should be followed: 

  1. Log into your domain provider's customer account and select Administration of the domain. 
  2. Go to the domain settings and select the DNS settings there. 
  3. Add a new TXT record with the appropriate information (name, values, TTL). 
  4. Save the settings. 

Depending on the domain provider, it can take up to 24 hours for the changes to be active. It is therefore recommended to send a newsletter to yourself to ensure that the DKIM signature settings are correct. 


Common problems when adding a DKIM key 

DKIM record does not work 

This is often caused by an incorrect entry of the selector. It must be ensured that the last character of the selector is not missing in the configuration when entering the name (e.g. "4e4a47e" instead of the correct "4e4a47eb"). 

Messages end up in the spam folder or are blocked after the DKIM record has been entered. 

If DMARC is set up without first setting up SRF and DKIM correctly, the result is often that messages end up in the spam folder or are blocked. The domain can be tested on the following page: 

In this case, if there are errors in the SPF and DKIM configuration, the entries must be removed and added again. Both SPF and DKIM must be set up correctly before DMARC can be configured. 


Only part of the DKIM record is displayed 

This is because the domain provider only allows up to 128 characters in a key. The domain provider's support should be contacted for assistance with the configuration. 


Address of the subdomain is duplicated 

With some providers, the record entry in the first column of the Control Centre may only contain the subdomain. The correct entry in this case would be e.g. "4a4b4c._domainkey" and the complete entry such as "" would lead to the result "" and thus to an error. 


DKIM only works sporadically 

It should be ensured that no more than one DNS server has been set up for the domain. It is possible that one of the DNS servers is not configured correctly. The entries should be checked again to ensure that they have the correct DKIM and SPF settings. 



Sender Policy Framework (SPF) is an email authentication method to verify that the sender's IP address is authorised to send on behalf of the sender's domain. Recipients check this against the "return path" header of a message and ensure that the public DNS of the sender's domain lists this specific IP address of the sender. 



The Domain Name System (DNS) is a public resource containing information about a domain that only the domain owner can edit. The DNS contains relevant details for sending e-mail on behalf of a domain, such as SPF, DKIM and DMARC policy records.