SPF
Zendesk use their own domain by default when they send emails on your behalf. If you want to authorize them to send emails using your own domain you will have to create an SPF record which includes their sending servers.
You can continue sending emails to your customers without making a change to your DNS and without authorizing Zendesk to send on your behalf but your customers will see Zendesk’s domain in the emails they receive from you. So if you want your customers to see your domain you will have to configure SPF.
To authorize Zendesk to send on your behalf you will have to create the following SPF record in your DNS:
“v=spf1 include:mail.zendesk.com ?all”
Zendesk recommend using the “?” qualifier but you can change this as you wish or use the one that you currently have if you already have an SPF record.
For more information please click on the button below.
DKIM
Before you begin make sure that you have added an external email domain for your Zendesk email. If you have not done this, please refer to Zendesk for more help.
To enable DKIM signing for your domain you will have to create two CNAME records in your DNS which will point your domain name to Zendesk’s domain for signing and once this is done you will have to enable DKIM signing within Zendesk.
Zendesk uses two CNAME records as it rotates the keys for extra security.
Create the CNAME records in DNS
First CNAME host record name: “zendesk1._domainkey.your_support_address.com” pointing to zendesk1._domainkey.zendesk.com
Second CNAME host record name: “zendesk2._domainkey.your_support_address.com” pointing to zendesk2._domainkey.zendesk.com
You will have to replace “your_support_address.com” with your own support domain.
2. Enable DKIM signing in Zendesk
In Zendesk’s control panel you can enable DKIM signing for your custom domain.
For more information please click on the button below to refer to Zendesk’s article.
Create a free OnDMARC account to test your configuration.