If you have an existing domain name, you can connect it to BRIKL manually. Connecting your third-party domain to BRIKL points to your domain name at your BRIKL store. You still use the third-party domain provider to manage your domain settings, pay for your domain, and renew it.
You cannot buy a domain through BRIKL. You first have to buy a domain name through a third-party provider
Connecting your domain name manually
- Log in to the account you have with your domain provider.
- Find your DNS settings. Look for your domain management area, DNS configuration, or similar.
- The domain settings panel might feature drop-downs or editable fields, or you might have to check boxes or edit a table.
- Find the CNAME record in your DNS settings.
- Change your www CNAME record to point to brikl.netlifyglobalcdn.com. Often, you need to provide just the prefix without the dot, but for some domain providers you need to provide the whole subdomain. Use the existing entries as a guide, or follow your provider's instructions. CNAME records must always point to a domain name, never to an IP address.
- Save the CNAME Record (usually by clicking Save or Add record or similar).
- Now you need to verify your connection in BRIKL.
Add DKIM to prevent email spoofing
Enhance security for outgoing email (DKIM)
The Domain Keys Identified Mail (DKIM) standard helps prevent spoofing on outgoing messages sent from your domain.
Email spoofing is when the content of emails are changed to make the messages appear from someone or somewhere other than the actual source. Spoofing is an unauthorized usage of an email. To prevent, some email servers require DKIM to avoid email spoofing.
DKIM encrypted signature protects the header of all outgoing messages. Email servers that get signed messages use DKIM to decrypt the message header, and verify the message was not fraudulently changed after it was sent.
How to setup DKIM
- Step 1 - Generate the domain key for your domain.
- Step 2 - Add the public key to your domain's DNS records. Email servers can use this key to verify your messages' DKIM signatures.
- Step 3 - Turn on DKIM signing to start adding a DKIM signature to all outgoing messages.
Step 1 - Generate a DKIM key for your domain
Generate the domain key for outgoing email (GMAIL)
We will be using the DKIM from G Suite as an example. If you are using another provider, the steps might differ slightly.
- From your G Suite Admin console Home page, go to Apps > G Suite > Gmail.
- Click Authenticate email.
- Your primary domain will be selected by default. Click your primary domain name and select all other domains where you will want to use DKIM.
- Click Generate new record
- Select DKIM key bit length. If your domain host supports 2048-bit keys, we would recommend using 2048-bit as they will be more secure. If you previously used a 1024-bit key, there will be no impact when switching to a 2048-bit key.
If your domain host doesn't support 2048-bit keys, you can change the key length to 1024.Domain keys include a text string called the prefix selector which you can modify. The default prefix selector for the Gmail domain key is google. Change the prefix only if your domain already uses a DKIM key with the prefix selector google.
- Click Generate.
Use the text at TXT record value to update the DNS record at your domain host. Remote mail servers can get this public key from the DNS record and use it to confirm your messages from your domain.
DKIM for multiple domains
If you're setting up DKIM for more than one domain, repeat Steps 4–6 to get a DKIM key for each domain.
2. Add the domain key to your domain's DNS records
For below steps, use the DKIM domain key you generated in the Admin console.
Important: If you have more than one domain, complete these steps for each domain. Use a unique DKIM key for each domain.
- Sign in to the management console for your domain host.
- Locate the page where you update DNS records.
Subdomains: If your domain host doesn't support updating subdomain DNS records, add the record to the parent domain.
- Add a TXT record:
Note: If your domain provider limits the length of TXT records, go to Domain keys and TXT record limits.
- In the first field, enter the text displayed in the Admin console under DNS Host name (TXT record name).
- In the second field, enter the text string displayed in the Admin console under TXT record value.
- Save your changes.
3. Turn on DKIM signing
- From your Admin console Home page, go to Apps > G Suite > Gmail.
- Click Authenticate email.
- Select the domain where you want to start email signing. The page shows the status of email signing for the selected domain.
- Click Start authentication.
- To verify that DKIM signing is active, send an email message to someone who is using Gmail or G Suite. You can't do this test by sending a message to yourself.
- Open the message in the recipient's inbox.
- Next to Reply, click More ( the three vertical dots ) click Show original.
The entire message header displays.
- In the message header, the line starting with DKIM-Signature confirms that DKIM signing is on. See this example, where d is the sending domain and s is the signing domain:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mydomain.com; s=google;
For more information check the official G Suite documentation: https://support.google.com/a/answer/174124?hl=en&ref_topic=2752442&visit_id=637362768014370529-9333289&rd=1