How To Configure SPF (Sender Policy Framework) Records for Email Server

Posted by

For increase reputation of email server, we could adding SPF records on public DNS.

What is SPF record?

as information from this link : https://support.google.com/a/answer/33786?hl=en, an SPF record is a type of Domain Name Service (DNS) record that identifies which mail servers are permitted to send email on behalf of your domain. The purpose of an SPF record is to prevent spammers from sending messages with forged From addresses at your domain. Recipients can refer to the SPF record to determine whether a message purporting to be from your domain comes from an authorized mail server.

How to configure SPF records?

On this section, i will configure SPF records on my public DNS using cPanel. Fill of spf records is using TXT records like the following example :

imanudin.net     IN     TXT     "v=spf1 a mx ip4:115.124.78.180 include:mail.imanudin.net -all"

Information :

Domain imanudin.net could be sent from all A records,MX records on DNS and address IP 115.124.78.180 include mail.imanudin.net as permitted sender. Besides, not permitted.

This is the example configuration on cPanel

Select Advanced DNS Zone Editor and adding TXT records for SPF

create-spf-records-on-cpanel

spf-records-on-cpanel-after-created

After created SPF records on cPanel, you could check whether your SPF records has been created and has been propagation. You could check on mxtoolbox.com at this link : http://mxtoolbox.com/spf.aspx

Please sent email to Gmail and check whether SPF records has been known or not. The following is example that the SPF records has been known on Gmail

result-of-spf-records

If you has been saw mailed-by on Gmail, it’s mean you has been success to configure SPF. If no, usually still waiting for propagation of DNS

The following is example configure SPF records on GIF

configure-spf-records

Good luck and hopefully useful 😀

14 comments

  1. saya sudah setting di cpanel hosting..dan tunggu untuk propagation ..saya check di mxtool.com hasilnya terkadang pass terkadang no published..terkadang pass spf nya..
    kenapa tidak setabil yah

  2. ini hasil cek di http://www.kitterman.com/recordcheck.py
    Input accepted, querying now…
    evaluating v=spf1 a mx include:mail.cardolestari.co.id ~all …
    Results – PermError SPF Permanent Error: No valid SPF record for included domain: mail.cardolestari.co.id: include:mail.cardolestari.co.id
    apa artinya kang imanuddin..

    1. Hi mas Dedi,

      Untuk pengecekan SPF, yang di cek itu nama domain-nya saja. Bukan nama servernya. Jika domainnya imanudin.net dan nama servernya adalah mail.imanudin.net, maka yang dicek adalah imanudin.net saja

  3. hi iman,
    I follow your guide but its not working on me, its been a week since i set on my DNS. But if I check on MXtoolbox my SPF is working but did’nt appear when i send to gmail

    thanks

      1. hi iman,
        thank you, my fault.
        I already resolved the problem.. I have overlooked my configuration on firewall. I forgot that I have 2 public IP’s. the one that is configured on my mail server is not the public IP that is assigned to my rDNS..

  4. If 2 public IP from different ISP pointing to the same mail Server and acting as a failover…then what will be the SPF TEXT?

    Both the IP pointing to the same mail server (mail.mydomain.com)

    Please Help
    Thanks
    Suman Banerjee

    1. Hi,

      You could add the second IP so that like this :

      imanudin.net     IN     TXT     "v=spf1 a mx ip4:115.124.78.180 ip4:105.114.68.170 include:mail.imanudin.net -all"
      
  5. Hi Iman,
    Is this correct? I need your help, how to achieve Mail Server IP Load Balancing

    Create two A records on my public DNS:

    A mail.example.com 111.22.123.456
    A mail.example.com 222.33.456.789

    Create MX record to point to mail.example.com:

    example.com MX 10 mail.example.com
    example.com MX 20 mail.example.com

    Request PTR Records to my ISP:

    PTR 111.22.123.456 mail.example.com
    PTR 222.33.456.789 mail.example.com

    Appreciate your help..
    Thanks!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.