[Last updated 9/7/2025]

Domain Names Using Email Forwarding: SPF, DKIM, DMARC Requirements

If you forward emails (e.g., from the Email Forward IN your domain name to a personal email account like Gmail, Yahoo, etc.) your emails maybe failing to forward. Due to recent changes in 2024, major email providers require MX, SPF, DKIM and now DMARC authentication. 

Best Practices and Tips to take note of:

  • Update your SPF record to include the forwarding server (for Enom domains see below).
  • All three records—SPF, DKIM, and DMARC are slowly being required in order to forward emails from a domain name.
  • DMARC requires you to have SPF and DKIM set before it can be added.
  • Minimum setting in DMARC p=none policy allows emails without blocking them. (You must add your email to the settings to receive the reports)
  • Review DMARC reports to confirm forwarded emails pass authentication. Proper setup ensures your forwarded emails reach their destination without being flagged as spam.
  • Do not use custom DKIM records nor any DKIM generator or TXT DKIM for Enom-based forwarding. Enom has their own DKIM.
  • DNS changes take up to 24–48 hours to propagate.

Email forwarding alone is a legacy/unsupported setup. For best results, consider a dedicated (branded) mailbox with more reliable and modern alias solutions.

Limitations of Domain Name Email Forwarding:

  • Troubleshooting is limited and may incur a Domain Name Concierge Service Fee due to high manual effort required.
  • Due to limited support, tracking issues are difficult and time-intensive without a full mailbox, making support requests billable in many cases. This can expand the costs even more!
  • On top of the likely increased expenses due to requiring higher efforts and more support, this can also mean that when troubles do arise it could take longer to receive assistance or to have the issue resolved. This is especially so as time goes on and forwarding becomes considered more of a legacy in the tech industry all thanks to spammers and hackers.

If your business depends on email reliability, we suggest considering upgrading to a mailbox-based alias solution for superior deliverability and support. If you want to learn more about SPF, DKIM and DMARC please feel free to visit our DMARC knowledge page at DMARC Understanding and Why it is needed. - KartHost LLC.

 

Use the following for SPF and DKIM (replace the example domain name with your domain name)
Your MX record has already been added by Enom it will look like "mx.mydomain.com.cust.a.hostedemail.com"

1. Enter the SPF text string 
Note: The SPF record should follow this format:

v=spf1 include:_spf.emfwd.name-services.com MX ?all.

 

2. DKIM settings for domains at eNom using email forwarding.

 

Replace example.com with your domain name

 

Host Name: k1._domainkey

Record Type: CNAME

Address/Value: k1.example.com.dkim.hostedemail.link

 

 

Host Name: k2._domainkey

Record Type: CNAME

Address/Value: k2.example.com.dkim.hostedemail.link

 

3. DMARC: 

As this requires you to set the policy, we can only add it after you give us the string of text to include in the DNS. [ DMARC Knowledgebase click here]

Should you require our assistance with these settings, and the only service you have with KartHost is domain names, there will be a Domain Concierge fee (per domain name) to update the DNS records for you.

 

FAQ: Common Questions About SPF, DKIM, and DMARC

Q: Do I need DMARC if I only forward emails and don’t send them?

A: Yes. DMARC protects your domain from spoofing and ensures forwarded emails aren’t marked as spam, especially if you forward to Gmail, Yahoo, or Outlook.

Q: How do DMARC reports help me?

A: DMARC reports, sent to the email address in your DMARC record (e.g., [email protected]), show which emails from your domain and sub-domains pass or fail authentication. This helps you spot unauthorized senders or configuration issues.

Q: Why use p=none for DMARC?

A: p=none lets you monitor email activity without affecting delivery. It’s ideal for testing, as it shows which emails are authenticated and which aren’t, helping you fine-tune your setup.

Q: My forwarded emails are going to spam. What’s wrong?

A: Your SPF record may not include the forwarding server, or your DMARC policy might be too strict. Update SPF to include the forwarding server and set DMARC to p=none while monitoring reports.

Q: How do I check if my SPF, DKIM, and DMARC are set up correctly?

A: Use free tools like MXToolbox or DMARC Analyzer to test your DNS records. DMARC reports also provide ongoing insights into your email performance.

Q: Why isn’t forwarding as reliable as before?
A: Industry changes now require full authentication. While forwarding you might be forwarding from many different accounts which are not included in your SPF records. Along with a host of other issues due to forwarding becoming more outdated, it becomes more expensive to manage compared to a full email.

Q: Is support for forwarding included?
A: Manual setup and ongoing troubleshooting may incur additional service fees, because legacy forwarding requires extra work due to new standards.

Was this answer helpful? 0 Users Found This Useful (2 Votes)

Most Popular Articles

EPP Code what is it and where do I find it?

The EPP key Authorization code, known as a EPP code (aka Transfer Authorization Code) is a...
Understanding of Domain Name Transfer Statuses

Awaiting auto-verification of transfer request: An auto-verification transfer order has been...
Redemption Grace Period

Once a domain name expires will be placed into Renewal Grace period and you can pay the invoice...
Can I manage my Domain Forwarding in the KARTHOST Customer Center?

Is your Domain Name Registered with KartHost? If Yes,we provide for FREE DNS service and Domain...
Will my Domain Name expiration date change if I renew early?

Your Domain Name expiration Date (Day/Month) will NEVER change no matter when you renew your...