Skip to main content
Goal: authenticated inboxes ready for sending.

Prerequisites

1

Buy lookalike domains

  • Choose at least 2 domains that resemble your main brand.
  • If your main domain is acmeroofing.com, examples: acmeroof.com, acmeroofs.com.
2

Create Google Workspace inboxes

  • Purchase 2–3 Google Workspace user licenses per domain at Google Workspace.
  • Create 2–3 email addresses per domain (e.g., first@domain and first.last@domain).
3

Add SPF, DKIM, DMARC records

  • Add SPF TXT record (include Google):
Type: TXT
Name: @
Value: v=spf1 include:_spf.google.com ~all
You can only have one SPF record per domain. If you already have an SPF record, merge the Google include into your existing record.
Learn more about SPF
  • Add DMARC policy at _dmarc:
Type: TXT
Name: _dmarc
Value: v=DMARC1; p=none; adkim=r; aspf=r; rua=mailto:[email protected];
Replace [email protected] with your actual email address where you want to receive DMARC reports.
Learn more about DMARC
  • Generate and publish DKIM from Google Admin:
    1. Visit Google Admin:
    2. Go to Apps → Google Workspace → Gmail → Authenticate email
    3. Generate a new record. Set Select DKIM key bit length to 2048 and Prefix selector (optional) to google
    4. Add the new DNS record at your registrar/DNS host
    5. Click Start authenticating in Google Admin
  • DKIM DNS record (add the value provided by Google Admin): 
Type: TXT
Name: google._domainkey
Value: v=DKIM1; k=rsa; p=... <-- (DKIM generated by Google Admin)
Learn more about DKIM
DNS Configuration
4

Enable domain forwarding (Cloudflare)

  • Create a free Cloudflare account if you do not already have one.
  • Add your lookalike domain to Cloudflare.
  • Move the existing domain: when prompted, update your registrar’s nameservers to the two Cloudflare nameservers provided.
  • After updating nameservers, wait a few minutes for propagation.
When moving to Cloudflare, set all email-related DNS records to DNS only: MX, SPF TXT, DKIM TXT (google._domainkey), and DMARC TXT (_dmarc). Set website records (root A/CNAME, www) to Proxied.
Cloudflare nameserver update screen (placeholder)
  • Using Cloudflare Page Rules instead of registrar DNS forwarding prevents email service providers from detecting and flagging your domain for cold outreach. Registrar forwarding is easily identified; Cloudflare forwarding is not.
  • Once the domain shows as Active in Cloudflare, create a Page Rule to forward the lookalike to your primary domain:
    1. Open your domain in Cloudflare → Rules → Page Rules → Create Page Rule.
    2. If URL matches: https://your-lookalike.com/* (the * matches any path).
    3. Setting: Forwarding URL with status code 301 - Permanent Redirect.
    4. Destination URL: https://your-primary.com/$1 (the $1 preserves the path after the domain).
    5. Save and deploy, then test by visiting the lookalike domain.
Cloudflare Page Rule setup (placeholder)