If your business uses Google Workspace (business Gmail), here is how to enable the three anti-spoofing protections.
Add a TXT record on your domain:
v=spf1 include:_spf.google.com ~all
For stricter protection, switch to -all once all your sending services are listed.
In the Google Admin console (admin.google.com) → Apps → Google Workspace → Gmail → Authenticate email. Click "Generate new record", add the provided TXT on google._domainkey to your DNS, then click "Start authentication".
Add a TXT on _dmarc.yourdomain.com, starting gently:
v=DMARC1; p=none; rua=mailto:dmarc@yourdomain.com
Monitor, then move to p=quarantine and finally p=reject.
Enter your domain: we test your SPF, DKIM, DMARC and website, and give you the exact action plan.
Run the free check