Setting up SPF and DKIM records in GoDaddy is one of the essential steps on your email security checklist. If you are already familiar with authentication protocols, you know that SPF protects your domain from unauthorized senders while DKIM goes a step further by attaching a cryptographic signature to prove the integrity of your messages.
Without these records properly configured in your GoDaddy DNS, even a strong DMARC policy will not perform as intended. This guide walks you through the exact steps so your emails are trusted, delivered consistently, and shielded from spoofing or tampering attempts.
Steps to set up an SPF record in GoDaddy
To set up an SPF record in GoDaddy, the domain owner or the person in charge has to make some modifications. Here are the steps on how to go about it-
Step 1: Log in to your GoDaddy account
Go to the GoDaddy login page and sign in with your credentials. Ensure that you are logged in as the account owner or have the requisite permissions to make the modifications. So, if your domain is managed under a delegate account, confirm you have DNS editing rights; otherwise, you won’t be able to add SPF records.
Step 2: Access domain management
Once logged in, go to the My Products section from your dashboard, where you will see all the domains associated with your account. Identify the domain for which you want to add the SPF record.
Step 3: Navigate to DNS management
Next, click on the DNS option. This will bring you to a DNS Management panel where all your TXT, MX, CNAME, and other records are stored.
Always review what’s already present before making changes; if an SPF record already exists, you must edit it rather than create a duplicate. Multiple SPF records will cause ‘PermError’ during email validation.
Step 4: Add a new record
In DNS Management, scroll down and click Add. You will see options to select the type of record. Choose TXT because SPF is published as a TXT record, even though you might sometimes see an ‘SPF’ option in older DNS interfaces. Stick with TXT for compatibility.
Step 5: Enter SPF record details
- Type: TXT
- Host: Use @ if the SPF should apply to the root domain (which is the common case). If you need it for a subdomain like mail.example.com, use that instead.
- TXT Value: Paste the SPF string you generated.
Example:
v=spf1 include:spf.protection.outlook.com -allMake sure there are no extra spaces, hidden line breaks, or quotes; otherwise, your SPF record will run into errors. Also, if you are close to exceeding the 10 DNS lookup limit, optimize your SPF record using ip4 or ip6 mechanisms instead of adding multiple ‘include’ statements.
Step 6: Save changes
Hit Save and wait for the information to propagate to every corner of the internet. This can take up to 48 hours.
Once it’s saved, we suggest you run a quick check using tools like MxToolbox or Kitterman to ensure your SPF record is error-free.
Steps to set up a DKIM record in GoDaddy
The process is somewhat like what you did above for SPF records, but with some differences. Let’s see how you need to proceed-
Step 1: Generate DKIM keys
Use a credible DKIM generator tool and create your key pair. Always go with 1024-bit or longer keys as they are harder for threat actors to break. Keep the private key secure on your mail server or email provider’s settings. The public key is what you’ll publish in GoDaddy DNS.
Step 2: Log in to your GoDaddy account
Log in to your GoDaddy account and go to the domain for which you want to add the DKIM record. If you manage multiple domains under the same GoDaddy account, double-check that you are going ahead with the correct one.
Step 3: Access domain management
From the main dashboard, click My Products and choose the domain where you want DKIM configured.
Step 4: Open the DNS management console
Click the DNS button or the three-dot menu next to your domain. This will take you to the zone file where all DNS records live.
Step 5: Add a new record
Scroll to the Records section and choose Add. Select TXT as the record type.
Step 6: Enter DKIM record details
- Host/Name: This is your DKIM selector followed by ._domainkey. Example: selector1._domainkey
- TXT Value: Paste the public DKIM key you generated. It usually starts with v=DKIM1; k=rsa; p=…
- TTL: Default of 3600 seconds is fine, but if you’re testing, you can set it to 600 for faster propagation checks.
Step 7: Save changes
Click Save and confirm that the record now appears in your DNS list.
Step 8: Verify DKIM status
Once your DKIM record is live, ensure the selector and public key match what your email server is using; otherwise, the signature will fail.
