SPAM emails. Setup dkim,dmarc and spf

We have 2 domains one of which is a google domain. domain b goes to my exchange server.We are authoritative of domain A which is the google domain.  All emails from this domain is coming to my exchange server. What i have noticed that some of them end up in SPAM. To be exact most of them are google docs. What do i need to do to solve this problem permanently. i have already told my ISP to setup (v=spf1 ~all). Is this correct as i think it is flagging them as spam as we are authoritative for google domain.
Do i also need to add another spf for my domain?

What can i do to get DMARC, DKIM and SPF. I currently have SPF at my internal DNS, is this the same one required at public dns. I was told for google to be able to send emails i needed to add (v=spf1 ~all).

Thanking in advance
Member_2_6474242Senior Systems AdministratorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

nociSoftware EngineerCommented:
You were told right. the include must be added to an existing domain.
The SPF tells other systems who is allowed to send on your behalf. (All Ip addresses).
if -all is used then all other mail servers are excluded.

DKIM  is more involved, for DKIM you need to create one or more private/public RSA key-pairs, where the private key is exported to the mail server and the public key is added to DNS.  The public key is stored in a DS key identified by a selector, this selector also needs to be configured on the sender. It is wise to let every independant mailer have it's own selector. (this reduces the amount of work in case one of the current service providers needs to be dropped).

DMARC is about reporting options, where you solicit for reports about mail that others received on behalf of you....
so you more or less get insight in what spammer abuse your addresses.
Member_2_6474242Senior Systems AdministratorAuthor Commented:
can i get some links to setup the above please
nociSoftware EngineerCommented:

For SPF only DNS settings are relevant.

For DKIM there are DNS settings as well as enabling signing on the server. AFIAK Exchange cannot do that, you will need some extra tools, or a mailgateway that can handle this eithet system based on exim, postfix or a tool like trustwave SEG.

DMARC is more about reporting by others and requires you to process some mails that can be sent to you .  is a toolkit that can help here.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Member_2_6474242Senior Systems AdministratorAuthor Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.