To reduce the vulnerability to spam in your e-mail, it is recommended to enable SPF and DKIM records in DNS Management.
You can check whether your domain already has an SPF & DKIM record or not by using the following methods:
- By using the following SPF and DKIM checker websites: https://www.mail-tester.com/spf-dkim-check
By using the host command on the Linux operating system.
If there are no SPF and DKIM records, you can use the SPF and DKIM defaults in cPanel. The following is a guide on enabling SPF and DKIM in DNS Management.
- Login to your cPanel account.
- On the E-mail tab, select Authentication
- By default this record is still disabled. Click the Enable button.
- Once enabled, the SPF and DKIM records will appear.
Note: If the cPanel version you are using does not find an authentication feature, you can use the Email Deliverability feature to get SPF and DKIM records.
Note: For SPF records, please add the command "include: smtp.biz.net.id" so it will look like this.
v = spf1 + a + mx + ip4: ipserver include: smtp.biz.net.id ~ all
Explanation of the records above:
- + a : Allows the server IP address of the domain for sending email.
- + mx : Allows the server as the MX of the domain to send mail.
- + ip4: 22.214.171.124 : IP address in CIDR format that sends or relays email to the domain (the IP address is just an example).
- include: smtp.biz.net.id : Allows domains that can send or relay email to the domain.
- ~ all : How strictly the server treats incoming and outgoing e-mail.
The following are various policies on the SPF record:
- + all (Pass) - All emails are allowed.
- -all (Fail) - Whereas e-mails that do not match verification (MX record, IP address, etc.) will be automatically rejected.
- ~ all (SoftFail) - Allow email even if it fails when matched with its parameters and will be flagged by the system later.
- ? all (Neutral) - No policies are used.
Add this record to your DNS Management.