SPF
To authorize Proofpoint to send emails on your behalf you will have to include it in your SPF record. Refer to your Deployment Information email for the details, as the SPF is unique to each PPS cluster.
It usually follows the format: include:spf-{clusterid}.pphosted.com
DKIM
To setup DKIM on PPS, follow these steps:
Navigate to Email Protection tab > Email Authentication > DKIM Signing > Keys
Click Generate Key to create a key for a domain and selector. Each key must have a unique domain and a unique selector within the domain. Proofpoint-generated domain keys are 2048-bits in length.
At the Generate Key Entry dialog box type or specify your domain, the selector, the scope of the key, and the policy routes.
For the policy routes, only check Disable processing for selected policy routes…
Under Available scroll down and select default_inbound
Click the >> to add it to Disable For Any Of:
Click on Add Entry.
Click View in the DNS Text Record column to see the text record for a DKIM key.
A pop-up window displays the DNS text record that contains the public key. Copy the DNS text record for each domain-selector pair to your DNS servers
Once the DNS record has been created, wait a few minutes to ensure the record has time to propagate.
On the PPS Admin Console and click on Test to verify if the DNS record was created correctly.
The feedback for the test will appear above the navigation tabs (System, Email Protection, Information Protection).
Once the DNS record has been validated click the Enabled box and then click Save Changes.
Turn on DKIM Signing by navigating to Email Protection tab > Email Authentication > DKIM Signing > General
Click On next to Enable
Click Save Changes
For more details, or for detailed screenshots refer to the Proofpoint documentation here.
Create a free OnDMARC account to test your configuration using our Investigate tool.