Understanding DNS: The Internet’s Address Book
Before we talk specifically about email, let’s quickly review what DNS is. Understanding the basics helps you see its importance for email.
What is DNS? A Quick Overview
DNS stands for Domain Name System. Think of it as the internet’s phone book 📖. It translates human-friendly domain names, like www.example.com, into machine-readable IP addresses, such as 192.0.2.1. Computers use IP addresses to find each other on the internet. DNS makes it easy for us humans to remember website addresses instead of long strings of numbers.
DNS is a hierarchical and decentralized system. This means it’s not stored in one single place. Instead, it’s distributed across many servers worldwide. DNS uses various types of records to store different kinds of information about a domain. Common record types include A records (for website IP addresses), CNAME records (for aliases), TXT records (for text information), and, importantly for our topic, MX records.
How DNS Resolution Works (Simplified)
When you type a domain name into your browser (or when an email server tries to find another mail server):
- Your computer or server (the “resolver”) asks a series of DNS servers for the IP address.
- This query might go to root servers, then Top-Level Domain (TLD) servers (like those for .com or .org), and finally to the authoritative nameservers for that specific domain.
- The authoritative nameserver holds the actual DNS records for the domain and provides the IP address.
This process, called DNS resolution, usually happens in milliseconds.
DNS Records Crucial for Email: The Big Four
When it comes to email, specific DNS records are vital. These records tell the internet how to handle emails for your domain. They also help protect your domain from being used for spam or phishing. Let’s look at the four most important ones.
MX Records (Mail Exchange): Directing Your Mail Traffic
What are MX Records?
MX records specify the mail servers responsible for accepting email messages on behalf of your domain name. When someone sends an email to [email protected], the sending mail server performs a DNS lookup for the MX records of yourdomain.com. These records point to the servers that will actually receive the email. MX records also have a priority value. This number indicates the order in which servers should be tried if multiple MX records exist. Lower numbers mean higher priority.
Why are MX Records Essential?
Without MX records, other mail servers wouldn’t know where to deliver emails sent to your domain. Your emails would simply get lost. Correct MX records are the absolute foundation for receiving email.
SPF Records (Sender Policy Framework): Authorizing Your Senders ✅
What are SPF Records?
An SPF record is a type of DNS TXT record. It lists all the mail servers and IP addresses authorized to send email on behalf of your domain. It’s like creating an approved senders list for your domain.
How SPF Works to Prevent Spoofing
When a receiving mail server gets an email claiming to be from your domain, it checks your domain’s SPF record. It compares the IP address of the sending server with the list of authorized IPs in your SPF record. If the sending IP isn’t on the list, the email might be flagged as spam or rejected. This helps prevent spammers from spoofing (forging) your domain to send malicious emails.
Why SPF is Vital for Deliverability and Security
A properly configured SPF record:
- Helps prevent unauthorized use of your domain.
- Improves your sender reputation with Internet Service Providers (ISPs).
- Increases the chances your legitimate emails reach the inbox.
DKIM Records (DomainKeys Identified Mail): Verifying Message Integrity ✍️
What are DKIM Records?
A DKIM record is another type of DNS TXT record. It contains a public cryptographic key. Sending mail servers use a corresponding private key to add a digital signature to outgoing emails. Receiving mail servers use the public key from the DKIM record in your DNS to verify this signature.
The Digital Signature Process
- Your sending mail server (or email service provider) signs certain parts of your email (like the From header and the body) with a private key.
- This signature is added as a header to the email.
- When a receiving server gets the email, it fetches your public DKIM key from DNS.
- It uses this public key to verify the signature.
Benefits of DKIM: Trust and Integrity
A valid DKIM signature tells the receiving server two important things:
- The email genuinely originated from a server authorized by your domain.
- The signed parts of the email have not been tampered with during transit.
This builds trust and ensures message integrity.
DMARC Records (Domain-based Message Authentication, Reporting & Conformance): Setting the Policy 👮
What are DMARC Records?
A DMARC record, also a DNS TXT record, acts as a policy layer on top of SPF and DKIM. It tells receiving mail servers what to do if an email claiming to be from your domain fails SPF or DKIM checks, or if the domains in those checks don’t “align” with the domain in the From: header. DMARC also enables receiving servers to send reports back to you about email authentication results and potential abuse.
DMARC Policies: p=none, p=quarantine, p=reject
The DMARC record specifies a policy (p=) which can be:
- p=none: Monitor mode. Emails are delivered normally, but you receive reports. This is where you start.
- p=quarantine: Failing emails are likely sent to the recipient’s spam folder.
- p=reject: Failing emails are blocked outright. This is the strictest policy.
Alignment is key for DMARC. It means the domain verified by SPF and/or DKIM must match the domain shown in the visible From: address of the email.
The Power of DMARC: Enforcement and Reporting
DMARC allows you to:
- Gain visibility into who is sending email using your domain (both legitimate and fraudulent).
- Instruct receiving servers on how to handle unauthenticated mail.
- Protect your brand from being used in phishing and spoofing attacks.
Why These DNS Records are Non-Negotiable for Email Success
Properly configuring these four types of DNS records is no longer optional if you want your emails to succeed. They are fundamental to modern email communication.
Ensuring Email Deliverability
ISPs and email providers (like Gmail, Outlook, Yahoo) use SPF, DKIM, and DMARC signals to determine if an email is legitimate. Emails that pass these authentication checks are much more likely to land in the recipient’s inbox. Emails that fail or lack these records are often routed to the spam folder or rejected entirely.
Combating Email Spoofing and Phishing
SPF, DKIM, and especially DMARC are powerful tools against cybercriminals. By clearly defining who can send email for your domain and what to do with unauthorized mail, you make it much harder for attackers to impersonate your brand to deceive your customers or employees.
Building and Maintaining Sender Reputation
Your sender reputation is like a credit score for your email sending practices. ISPs track various factors to determine this reputation. Consistent use of email authentication is a strong positive signal. A good sender reputation is essential for high inbox placement rates.
Compliance with Email Provider Requirements
Major mailbox providers are continuously tightening their requirements. Many now expect, or will soon require, strong email authentication for bulk senders. Failing to comply can lead to significant deliverability problems.
Gaining Visibility into Your Email Channel (via DMARC reports)
DMARC reports provide invaluable feedback. They show you which emails are passing or failing authentication, where they are coming from, and can help you identify misconfigured legitimate senders or active abuse of your domain.
Setting Up and Managing Email-Related DNS Records: A Practical Guide
Now that you know why these records are important, let’s cover how to manage them.
Where are DNS Records Managed?
You manage your domain’s DNS records through the control panel provided by your:
- Domain Registrar: The company where you bought your domain name (e.g., GoDaddy, Namecheap).
- DNS Hosting Provider: Sometimes, DNS hosting is handled by a separate service (e.g., Cloudflare, AWS Route 53, DigitalOcean). If you use a service like Elementor Hosting, DNS management might be part of that package.
Step-by-Step: Adding Key Email DNS Records
The exact interface varies, but the general process is similar across providers.
Adding MX Records
- Get Values: Your email hosting provider (e.g., Google Workspace, Microsoft 365, Zoho Mail, or your web host if they provide email) will give you the necessary MX record values (server addresses and priorities).
- Add Records:
  - Hostname/Name: Usually @ (representing your bare domain) or your domain name.
  - Record Type: MX
  - Value/Points To: The mail server address (e.g., aspmx.l.google.com.)
  - Priority: A number (e.g., 1, 5, 10).
  - TTL (Time To Live): Often a default value is fine.
Adding an SPF Record
- Identify Senders: List all services/platforms that send email on behalf of your domain (e.g., your email marketing platform, transactional email service, CRM, helpdesk).
- Add Record:
  - Hostname/Name: @ or your domain name.
  - Record Type: TXT
  - Value/Points To: Your SPF string, starting with v=spf1. For example:
    v=spf1 include:servers.mcsv.net include:_spf.google.com ip4:192.0.2.10 ~all
    This example includes Mailchimp (servers.mcsv.net), Google Workspace (_spf.google.com), and a specific IP address. The ~all means “soft fail” for servers not listed.
- Platforms like Send by Elementor would provide their specific SPF include mechanism (e.g., include:send.send2.co) or IP ranges for you to add to your SPF record. This authorizes emails sent through their system.
Adding DKIM Records
- Generate Keys: Your sending platform or email service (like Google Workspace or an email marketing tool) will usually generate a DKIM key pair for you. They will provide you with a selector (a name for the key) and the public key value.
- Add Record:
  - Hostname/Name: This is specific and often looks like selector._domainkey (e.g., google._domainkey or s1._domainkey). Your provider will tell you the exact hostname.
  - Record Type: TXT (sometimes CNAME, depending on the provider).
  - Value/Points To: The public key string, often starting with v=DKIM1; k=rsa; p=…
- Email platforms such as Send by Elementor guide users on setting up DKIM. They typically provide the correct selector name and the public key value (or a CNAME target) that you need to publish in your DNS. This ensures emails sent via Send by Elementor are properly signed.
Adding a DMARC Record
- Start Simple: Especially if you’re new to DMARC.
- Add Record:
  - Hostname/Name: _dmarc (e.g., _dmarc.yourdomain.com)
  - Record Type: TXT
  - Value/Points To: Start with a monitoring policy:
    v=DMARC1; p=none; rua=mailto:[email protected]; pct=100;
    Replace [email protected] with an email address where you want to receive aggregate reports. p=none means you’re just monitoring for now.
Tools for Checking Your DNS Records
Many free online tools can help you check if your DNS records are set up correctly:
- MXToolbox (for general DNS, MX, SPF, DKIM, DMARC checks)
- Dmarcian, EasyDMARC (for DMARC analysis)
- Kitterman SPF Record Testing Tools
Propagation Time
After you make DNS changes, it can take some time for these changes to propagate across the internet. This can range from a few minutes to 24-48 hours, though it’s often much faster.
Common DNS Issues Affecting Email & Troubleshooting
Even with careful setup, DNS issues can arise. Here are some common problems:
- Incorrect MX Record Configuration: Pointing to the wrong mail server, or incorrect priority settings leading to mail delivery problems.
- Invalid SPF Record Syntax:
  - Too many DNS lookups: SPF records have a limit of 10 DNS lookups. Using too many include, a, mx, or ptr mechanisms can exceed this.
  - Exceeding character limit: SPF records stored in TXT records have length limitations.
  - Incorrect mechanisms or modifiers: For example, ending the record with +all, which authorizes any server to send for your domain, instead of ~all or -all.
- Missing or Incorrect DKIM Signatures/Records: The sending service isn’t signing emails, the public key in DNS is wrong, or the selector is mismatched.
- DMARC Policy Misalignment: Legitimate emails failing DMARC because their SPF- or DKIM-validated domains don’t align with the domain in the From: header. This is common with third-party senders if not configured for alignment.
- Typos in DNS Records: A simple typo in a server name, IP address, or record value can break things.
- Slow DNS Propagation: Changes made might not be visible to all receiving servers immediately.
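A lint for the SPF problems in the list above, as an added example that is not from the original article: it counts DNS-querying terms across nested includes, flags +all, and flags a record longer than the 255 characters a single TXT string can hold. The ZONE table and every domain in it are constructed stand-ins for live DNS.

```python
import re

# Constructed TXT records standing in for live DNS; all names are illustrative.
ZONE = {
    "yourdomain.example": "v=spf1 mx a include:_spf.crm.example "
                          "include:_spf.news.example include:_spf.desk.example ~all",
    "_spf.crm.example": "v=spf1 include:a.crm.example include:b.crm.example "
                        "include:c.crm.example -all",
    "a.crm.example": "v=spf1 ip4:198.51.100.0/26 -all",
    "b.crm.example": "v=spf1 ip4:198.51.100.64/26 -all",
    "c.crm.example": "v=spf1 ip4:198.51.100.128/26 -all",
    "_spf.news.example": "v=spf1 a mx include:relay.news.example -all",
    "relay.news.example": "v=spf1 ip4:203.0.113.0/25 -all",
    "_spf.desk.example": "v=spf1 mx ip4:203.0.113.200 -all",
    "wideopen.example": "v=spf1 ip4:192.0.2.10 +all",
}
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}


def spf_terms(record):
    """Yield (qualifier, name, value) for each term after the v=spf1 tag."""
    for term in record.split()[1:]:
        qualifier = term[0] if term[0] in "+-~?" else "+"
        body = term.lstrip("+-~?")
        name = re.split(r"[:/=]", body, maxsplit=1)[0].lower()
        yield qualifier, name, body[len(name) + 1:]


def count_lookups(domain, zone, path=()):
    """Count terms that trigger a DNS query, following include/redirect."""
    if domain in path or domain not in zone:
        return 0  # loop or missing record; a real evaluator returns permerror
    total = 0
    for _, name, value in spf_terms(zone[domain]):
        if name in LOOKUP_TERMS:
            total += 1
        if name in ("include", "redirect"):
            total += count_lookups(value, zone, path + (domain,))
    return total


def lint_spf(domain, zone=ZONE):
    """Return findings for lookup count, +all and TXT string length."""
    record = zone.get(domain, "")
    findings = []
    if any(q == "+" and name == "all" for q, name, _ in spf_terms(record)):
        findings.append("+all authorizes any server to send as this domain")
    lookups = count_lookups(domain, zone)
    if lookups > 10:
        findings.append(f"{lookups} DNS lookups, over the limit of 10")
    if len(record) > 255:
        findings.append("over 255 characters: must be split into several TXT strings")
    return findings
```

The top-level record here lists only five lookup terms, yet the nested includes bring the total to 12, which is how a record that looks short can still exceed the limit.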
Troubleshooting Tips:
- Use online validation tools regularly. They are your best friend for spotting syntax errors or configuration problems.
- Double-check all values provided by your email services or sending platforms. Copy and paste carefully.
- Understand how each of your sending services needs to be included in your SPF record and how they handle DKIM.
- Start DMARC with p=none and analyze reports before moving to quarantine or reject.
DNS for Email: Considerations for WordPress & WooCommerce Users
If you use WordPress and WooCommerce, your website itself sends emails. These also need proper authentication.
Emails Sent by WordPress and WooCommerce
- WordPress Core: Sends emails for password resets, new user registrations, comment notifications, etc.
- WooCommerce: Sends crucial transactional emails like order confirmations, shipping updates, refund notifications, and customer account emails.
- Plugins: Many other plugins (forms, security, membership) also send emails.
By default, WordPress uses the PHP mail() function. This often means emails are sent directly from your web server. If this server’s IP isn’t in your SPF record, or if these emails aren’t DKIM signed, they are likely to have deliverability issues.
Ensuring Your Website’s Emails are Authenticated
To fix this, it’s highly recommended to use an SMTP plugin or a dedicated email sending service to route all emails sent from your WordPress/WooCommerce site.
- Popular SMTP plugins (like WP Mail SMTP) allow you to configure WordPress to send email through a professional email provider (e.g., SendGrid, Mailgun, Amazon SES, Gmail/Google Workspace).
- These services will then provide you with the necessary SPF and DKIM information to add to your DNS records for their sending servers. This ensures that even your website-generated emails are properly authenticated and trusted.
How Send by Elementor Simplifies Authentication for Its Emails
A platform like Send by Elementor is built with email deliverability and authentication in mind for the emails it sends.
- It provides users with clear, step-by-step instructions on how to set up the necessary DNS records – typically an include mechanism for your SPF record and CNAME or TXT records for DKIM. This authorizes Send by Elementor’s servers to send email on your behalf.
- By guiding users through this process, Send by Elementor helps ensure that marketing campaigns, newsletters, and any automated communications sent through its platform are properly authenticated. This significantly increases their chances of reaching the inbox and protects the user’s domain reputation.
- This is particularly beneficial for WordPress and WooCommerce users, as it offers a streamlined way to manage the authentication for a key part of their email communications directly within an ecosystem they are familiar with. While Send by Elementor ensures its own emails are covered, users still need to ensure other emails sent from their domain (e.g., directly from their web server or other third-party services) are also properly authenticated.
Conclusion: DNS as a Pillar of Email Integrity and Deliverability
DNS is far more than just a system for finding websites; it’s a critical foundation for the integrity, security, and deliverability of your email communications. Records like MX, SPF, DKIM, and DMARC are not just technical jargon – they are essential tools that direct your mail, authorize your legitimate senders, verify message authenticity, and protect your brand from abuse.
Taking the time to properly configure and maintain these DNS records is a fundamental investment in your email strategy. It helps ensure your important messages reach their intended recipients, safeguards your reputation, and protects your audience.
For web creators and businesses leveraging the power of WordPress and WooCommerce, mastering these DNS concepts is crucial for reliable and effective client and customer communication. While the intricacies of DNS can seem daunting, tools and platforms like Send by Elementor aim to simplify at least part of this journey. By providing clear guidance for configuring DNS records related to emails sent through its system, Send by Elementor helps users build a stronger sender reputation and achieve higher deliverability, all within the integrated WordPress environment. This focus on foundational email practices ensures your messages have the best possible chance of landing where they belong: the inbox.