SPF & DKIM configuration requirements for Brightidea generated emails


 

All Brightidea System generated emails originate from smtp01.brightidea.com (52.1.235.217 & 52.1.252.231). 

Customer-side e-mail administrators should ‘whitelist’ our mail server host name (smtp01.brightidea.com) according to their specific anti-spam solution.

By ‘whitelist’, we are referring to the list of known-good host names and/or IP addresses permitted through the Anti-Spam filter

For Brightidea sites on the European Data Center, emails originate from "smtp.eu.brightidea.com", this is the domain that should be used for whitelisting purposes.

SPF

Additionally, Client-side DNS administrators can modify/create a SPF record in their domain’s DNS zone.

  • By adding the following to your domain’s SPF record: include:spfva.brightidea.com or include:eu.brightidea.com (for EU sites) you are specifying that Brightidea’s mail server is capable of sending legitimate mail for your domain. 
  • This is used by other mail servers and spam filters to verify that the mail being received from xyz.com domain is authorized to be sent out from xyz.com domain.

If you set your Brightidea contact email to example@ideas.company.com then you need to create the following SPF record:

Type: TXT

Host: ideas.company.com

Value: v=spf1 include:spfva.brightidea.com -all

DKIM

Brightidea cryptographically signs all system generated email using a 1024 bit key.

  • By adding the following CNAME record: brightidea._domainkey -> dkim.brightidea.com you can validate the email generated from Brightidea’s servers.

If you set your contact email to example@ideas.company.com then you need to create the following record:

Type: CNAME

Host: 1505348311.brightidea._domainkey.ideas.company.com

Value: dkim.brightidea.com

Note: 

  • We do not recommend using any IP addresses for DNS / White-Listing purposes as those can change dynamically in the future and are outside of our control.
  • The information in this article is typically only required if your Brightidea site is using a custom contact address with a non-Brightidea domain (e.g. ideas@company.com). 
    • If your Enterprise/Pipeline contact address is utilizing our standard domain (e.g. ideas@brightidea.com), no DNS/SPF changes are needed on your side. 
Was this article helpful?
5 out of 5 found this helpful
Have more questions? Submit a request

Comments

  • Avatar
    saul.andrade

    FYI - our email security contact also mentioned they needed to whitelist this address:

    207.20.48.217