To reduce the vulnerability to spam in your e-mail, it is recommended to enable SPF and DKIM records in DNS Management.
You can check whether your domain already has an SPF & DKIM record or not by using the following methods:
- By using the following SPF and DKIM checker websites: https://www.mail-tester.com/spf-dkim-check
-
By using the host command on the Linux operating system.
If there are no SPF and DKIM records, you can use the SPF and DKIM defaults in cPanel. The following is a guide on enabling SPF and DKIM in DNS Management.
- Login to your cPanel account.
- On the E-mail tab, select Authentication
- By default this record is still disabled. Click the Enable button.
- Once enabled, the SPF and DKIM records will appear.
Note: If the cPanel version you are using does not find an authentication feature, you can use the Email Deliverability feature to get SPF and DKIM records.
Note: For SPF records, please add the command "include: smtp.biz.net.id" so it will look like this.
v = spf1 + a + mx + ip4: ipserver include: smtp.biz.net.id ~ all
Explanation of the records above:
- + a : Allows the server IP address of the domain for sending email.
- + mx : Allows the server as the MX of the domain to send mail.
- + ip4: 103.58.102.33 : IP address in CIDR format that sends or relays email to the domain (the IP address is just an example).
- include: smtp.biz.net.id : Allows domains that can send or relay email to the domain.
- ~ all : How strictly the server treats incoming and outgoing e-mail.
The following are various policies on the SPF record:
- + all (Pass) - All emails are allowed.
- -all (Fail) - Whereas e-mails that do not match verification (MX record, IP address, etc.) will be automatically rejected.
- ~ all (SoftFail) - Allow email even if it fails when matched with its parameters and will be flagged by the system later.
- ? all (Neutral) - No policies are used.
Add this record to your DNS Management.
