Facebook Pixel

Email Domain Setup for Node.js MX Records, SPF, DKIM, and DMARC

Learn how to set up email for your custom domain MX records, SPF, DKIM, and DMARC for sending and receiving emails from your Node.js application.

Email Domain Setup for Node.js

If your Node.js app sends emails (password resets, notifications, welcome emails), you need to configure your domain's email DNS records.

Why Email DNS Records Matter

Without proper email DNS records:

  • Emails go to spam folder
  • Email providers block your emails
  • Users don't receive important notifications
  • Your domain can be blacklisted

Key Email DNS Records

RecordPurpose
MXMail server that receives email for your domain
SPFLists authorized servers that can send email
DKIMDigital signature for email authenticity
DMARCPolicy for handling failed SPF/DKIM checks

Step 1: Choose an Email Provider

For sending emails from Node.js:

  • Amazon SES Cheap, reliable, AWS integration ($0.10 per 1000 emails)
  • SendGrid Free up to 100 emails/day, good API
  • Mailgun Free up to 5000 emails/month for 3 months
  • Postmark Focused on transactional email, paid
  • Resend Modern, developer-friendly, free 3000/month

For receiving email:

  • Google Workspace $6/user/month
  • Zoho Mail Free for up to 5 users
  • Cloudflare Email Routing Free forwarding

Step 2: Configure MX Records (Receiving Email)

MX records tell other mail servers where to send email for your domain.

For Google Workspace:

Type: MX
Name: @
Priority: 1
Value: aspmx.l.google.com

Type: MX
Name: @
Priority: 5
Value: alt1.aspmx.l.google.com

Type: MX
Name: @
Priority: 5
Value: alt2.aspmx.l.google.com

Type: MX
Name: @
Priority: 10
Value: alt3.aspmx.l.google.com

Type: MX
Name: @
Priority: 10
Value: alt4.aspmx.l.google.com

For Cloudflare Email Routing (forwarding only):

Type: MX
Name: @
Priority: 69
Value: route1.mx.cloudflare.net

Type: MX
Name: @
Priority: 12
Value: route2.mx.cloudflare.net

Type: MX
Name: @
Priority: 34
Value: route3.mx.cloudflare.net

Step 3: Configure SPF (Sending Authorization)

SPF lists which servers are allowed to send email from your domain.

For Amazon SES:

Type: TXT
Name: @
Value: v=spf1 include:amazonses.com ~all

For SendGrid:

Type: TXT
Name: @
Value: v=spf1 include:sendgrid.net ~all

For Google Workspace:

Type: TXT
Name: @
Value: v=spf1 include:_spf.google.com ~all

For multiple providers:

Type: TXT
Name: @
Value: v=spf1 include:amazonses.com include:_spf.google.com ~all

Step 4: Configure DKIM (Email Signing)

DKIM adds a digital signature to your emails. The provider gives you a DKIM record to add.

For Amazon SES:

Type: CNAME
Name: abc123._domainkey
Value: abc123.dkim.amazonses.com

For SendGrid:

Type: CNAME
Name: s1._domainkey
Value: s1.domainkey.abc.sendgrid.net

Each provider has specific DKIM records. Check your provider's documentation.

Step 5: Configure DMARC (Email Policy)

DMARC tells receiving servers what to do if SPF or DKIM fails.

Type: TXT
Name: _dmarc
Value: v=DMARC1; p=quarantine; rua=mailto:[email protected]; ruf=mailto:[email protected]; fo=1

Policy options (p=):

  • none Monitor only (no action, good for testing)
  • quarantine Send to spam folder
  • reject Reject the email completely

Start with p=none to monitor, then increase to quarantine and eventually reject.

Step 6: Verify Email Setup

# Check MX records dig yourdomain.com MX +short # Check SPF dig yourdomain.com TXT +short | grep spf # Check DKIM (replace with your provider's selector) dig abc123._domainkey.yourdomain.com CNAME +short # Check DMARC dig _dmarc.yourdomain.com TXT +short

Also use:

  • mail-tester.com Send an email and get a spam score
  • Google Admin Toolbox Check MX records
  • MXToolbox Check all email DNS records

Step 7: Send Test Email from Node.js

const nodemailer = require("nodemailer"); const ses = require("aws-sdk/clients/ses"); const transporter = nodemailer.createTransport({ SES: new ses({ region: "us-east-1" }) }); await transporter.sendMail({ from: "[email protected]", to: "[email protected]", subject: "Test Email", text: "This is a test email from DevTinder" });

The Takeaway

Email domain setup involves: MX records (receiving email), SPF (authorized sending servers), DKIM (email signing), and DMARC (policy for failures). Start with p=none in DMARC to monitor, then increase to quarantine and reject. Use mail-tester.com to verify your setup. Without these records, your Node.js app's emails will go to spam.

MX records (mail server for receiving), SPF (TXT record listing authorized sending servers), DKIM (CNAME or TXT for email signing), and DMARC (TXT record with policy for failed authentication). All four are needed for reliable email delivery.

SPF (Sender Policy Framework) is a TXT record that lists which servers are allowed to send email from your domain. Without SPF, email providers may send your emails to spam or block them entirely. Example: v=spf1 include:amazonses.com ~all

DKIM (DomainKeys Identified Mail) adds a digital signature to your emails using a public-private key pair. The public key is in your DNS, and the private key signs each email. This proves the email is genuinely from your domain and wasn't tampered with.

DMARC (Domain-based Message Authentication) tells receiving servers what to do if SPF or DKIM fails. Start with p=none (monitor only), then increase to p=quarantine (send to spam), and eventually p=reject (block completely) once you're confident in your setup.

Use dig to check MX, SPF, DKIM, and DMARC records. Send a test email to mail-tester.com for a spam score. Use Google Admin Toolbox or MXToolbox to check all records. Your score should be 9-10 out of 10 for reliable email delivery.

Ready to master Node.js completely?

Want to upskill yourself, crack your next interview, and get your dream job? Join our comprehensive course to dive deeper with high-quality video tutorials, solve interview questions, and a premium community.

Please Login.
Please Login.
Please Login.
Please Login.