Search results for:
Table of Contents
Sender Policy Framework (SPF) records allow you to create a list containing IP addresses (or subnets) that you authorize to send emails on your behalf. This makes it harder for malicious email senders to hide their identity and use your email server for fraud or spam. This will prevent your domain name from being spoofed when an email is received. Doing this will protect against phishing attempts coming from your domain, as well as "identity theft" through emails.
DKIM (DomainKeys Identified Mail) helps ensure emails are not altered between the original and final destination. Each email is signed with a private key that's validated by a public key set in the DNS of the final destination mail server. This way, if any modifications are attempted during transit for the email, the end-user will know when checking.
Luckily you can set both DKIM and SPF easily by using the following steps. Please note that you'll need to be logged in to cPanel.
Step 1. Find the Email section on the home interface of cPanel
Step 2. Select "Email Deliverability"
This page will analyze the domains in your cPanel to see if any DNS issues could affect your email functionality. If problems do exist, it will tell you which records are where problems exist.
Step 3. Select 'Manage' on your domain.
If available, you may also select 'Repair' to attempt to fix your DNS records quickly.
Step 4. Install the suggested DKIM record.
Note: You may be required to generate the DKIM key first.
Step 5. Install the suggested SPF record.
There is also a part of the Email Deliverability page covering the rDNS of your host's IP address and providing you the value your rDNS should be set to. You can view and update your IP's rDNS if needed from your client area.
This can usually depend on what you are using for the DNS management of your domain name. However, you will want to add (or modify an existing) TXT record for the domain. This TXT record for your domain will contain the SPF record details.
By default, you may want to enter for the TXT record:
Example SPF Record
v=spf1 mx -all
This will prevent any server from sending emails from your domain name, except the one listed in your MX record for your domain name. Here is what the SPF record means, broken down.
The v=spf1 part indicates what version of SPF is being used. This will usually affect what the SPF record would look like as a whole. For this, we use spf1 for the version. The next part, mx_\,_ indicates that email coming from your domain should be checked against the server listed in the MX record for your domain, which ties into the last part -all. This will prevent any mail from being sent from a server that is not listed in your SPF record.
Written by Michael Brower / January 9, 2017