Added SPF and DKIM Records

Written By Support Team (Administrator)

Updated at April 15th, 2022

To reduce the vulnerability to spam in your e-mail, it is recommended to enable SPF and DKIM records in DNS Management.

You can check whether your domain already has an SPF & DKIM record or not by using the following methods:

  • By using the host command on the Linux operating system.

If there are no SPF and DKIM records, you can use the SPF and DKIM defaults in cPanel. The following is a guide on enabling SPF and DKIM in DNS Management.

  • Login to your cPanel account.
  • On the E-mail tab, select Authentication

  • By default this record is still disabled. Click the Enable button.

  • Once enabled, the SPF and DKIM records will appear.

Note: If the cPanel version you are using does not find an authentication feature, you can use the Email Deliverability feature to get SPF and DKIM records.

Note: For SPF records, please add the command "include:" so it will look like this.

v = spf1 + a + mx + ip4: ipserver include: ~ all

Explanation of the records above:

  • + a : Allows the server IP address of the domain for sending email.
  • + mx : Allows the server as the MX of the domain to send mail.
  • + ip4: : IP address in CIDR format that sends or relays email to the domain (the IP address is just an example).
  • include: : Allows domains that can send or relay email to the domain.
  • ~ all : How strictly the server treats incoming and outgoing e-mail.

The following are various policies on the SPF record:

  • + all (Pass) - All emails are allowed.
  • -all (Fail) - Whereas e-mails that do not match verification (MX record, IP address, etc.) will be automatically rejected.
  • ~ all (SoftFail) - Allow email even if it fails when matched with its parameters and will be flagged by the system later.
  • ? all (Neutral) - No policies are used.

Add this record to your DNS Management.

Was this article helpful?