Email SPF Records: Difference between revisions
No edit summary |
|||
(4 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Sender Policy Framework | ==What is a SPF record== | ||
An SPF (Sender Policy Framework) record is a type of TXT record in your domains DNS configuration. The TXT record specifies a list of authorized hostnames/IP addresses that mail can originate from for a given domain name. Once this entry is placed within the DNS zone (records), no further configuration is necessary to take advantage of servers that incorporate SPF checking into their anti-spam systems. This SPF record is added the same way as a regular A, MX, or CNAME record. | |||
If you host email for your domain at Bravenet the SPF TXT record would be: | |||
Name: example.com | |||
Value: v=spf1 include:spf1.bravehost.com ~all | |||
TTL 3600 or one hour | |||
''Please substitute example.com for your own domain name. If you see a MX record of the form mail1.bravehost.com you are likely hosting your email at Bravenet.'' | |||
Adding the SPF record to your zone file is one of the best ways to stop spammers from using this technique with your domain. An SPF record will remove a high quantity of | ==Why is a SPF record important== | ||
Adding an SPF record can help detect and prevent spammers from sending email messages with forged From addresses on your domain. Spamming with a fake reply-to address is called "spoofing." Since the email appears to be coming from your server, complaints and bounce backs from the spam will often be redirected to your server, rather than the actual spammer. You may also receive some of the original spam - spam that appears to be coming from you. Adding the SPF record to your zone file is one of the best ways to stop spammers from using this technique with your domain. An SPF record will remove a high quantity of bounce backs that you are receiving because other providers will reject the email immediately, without sending a bounce-back to the spoofed reply-to address. | |||
Recently, some email providers who you may want to send email to have started outright rejecting email or sending the email to their Spam folders if the SPF record for your domain does not exist or is incorrect. | |||
== | ==Configuring an SPF TXT Record== | ||
When configuring a SPF TXT record it is important to identify and define where your domains DNS is hosted (name servers), where the email is hosted (MX records) and what the SPF TXT record is related to those parameters. To determine where your email and DNS are hosted please see the troubleshooting section at the bottom of this article. | |||
=== Configuration 1) Email and DNS hosted at Bravenet === | |||
If you want to host your email at Bravenet and your nameservers are configured for Bravenet nameservers you would add the following TXT record at Bravenet: | |||
1. Login to your Bravenet account <br> | 1. Login to your Bravenet account <br> | ||
2. Click on the "Domains" tab <br> | 2. Click on the "Domains" tab <br> | ||
3. Click on the domain you wish to manage <br> | 3. Click on the domain you wish to manage <br> | ||
4. Scroll down to "TXT" Records and click "Add TXT Record" <br> | 4. Scroll down to "TXT" Records and click "Add TXT Record" | ||
5. If | subdomain: <Leave this field blank> | ||
Host Name: example.com | |||
value: v=spf1 include:spf1.bravehost.com ~all | |||
TTL: Default (1 Hour) | |||
<br> | |||
5. Click Create Record | |||
===Configuration 2) Email hosted at Bravenet and DNS hosted at a Third Party Host=== | |||
If you want to host your email at Bravenet and your nameservers are configured for Third Party nameservers you would add the following SPF record at your third party DNS host: | |||
'''Add TXT Record''' | |||
name: example.com | |||
value: v=spf1 include:spf1.bravehost.com ~all | |||
TTL 3600 or one hour | |||
''Please consult your Third Party Host documentation on how to add a SPF TXT record for your domain'' | |||
=== Configuration 3) Email hosted at Third Party Host and DNS hosted at Bravenet === | |||
If you want to host your email at a Third Party Host and your nameservers are configured for Bravenet use the steps in Configuration 1 of this article but change the 'value' in step 4 to the SPF value provided by your Third Party Host. | |||
Note this also assumes you have set your third party MX records correctly at Bravenet. | |||
=== Configuration 4) Email and DNS hosted at Third Party Host === | |||
If you want to host your email at a Third Party Host and your nameservers are configured for a Third Party Host use the steps in Configuration 2 of this article but change the 'value' of the record to the SPF value provided by your Third Party Host. | |||
=== Configuration 5) Multiple Host SPF record === | |||
You are able to define multiple email host platforms in a single SPF record. Please be aware that merging the multiple records into one SPF TXT record is the correct way of adding multiple email hosts to a SPF record. Defining more than one SPF TXT record for your domain will result in unexpected results and is not recommended. | |||
For example, if you want to use a Third Party Email Host and employ the services of Bravenet's Mailing List services that will be two different email server SPF records you would need to merge together. From a high level standpoint you would use the current SPF TXT record from your third party email provider and add Bravenet's SPF TXT record to it. You are essentially authorizing two different email server sources to send email for you domain. You would still employ either of the methods above (Configuration 1 or 2) to add the record. | |||
Say for example you used Microsoft Office 365 as an email provider, you would have a SPF TXT record value that looked like the following: | |||
<code>v=spf1 include:spf.protection.outlook.com ~all</code> | |||
Looking at the value part of the Bravenet SPF TXT record you end up with: | |||
<code>include:spf1.bravehost.com</code> | |||
Putting them both together you end up with the following TXT record: | |||
v=spf1 include:spf.protection.outlook.com include:spf1.bravehost.com ~all | |||
'''''Please do NOT add multiple SPF TXT records to your domain this will result in unexpected behavior.''''' | |||
== Troubleshooting Information== | |||
=== Verify the value of a SPF TXT record === | |||
After adding the TXT record you may have to wait up to one hour before the change is reflected on the internet. You can use this publicly available tool to test if your TXT record is correct: | |||
https://mxtoolbox.com/TXTLookup.aspx | |||
For email hosted at Bravenet the SPF TXT record would be: | |||
v=spf1 include:spf1.bravehost.com ~all | |||
=== Verify where email is hosted – Verify MX records === | |||
To verify where email is hosted you would look to see what the MX records for the domain are set to: | |||
https://mxtoolbox.com/MXLookup.aspx | |||
For email hosted at Bravenet those servers would be: | |||
'''Pref Hostname IP Address TTL''' | |||
10 mail1.bravehost.com 65.39.211.20 60 min | |||
20 mail2.bravehost.com 65.39.211.21 60 min | |||
=== Verify Name Servers for a domain === | |||
https://mxtoolbox.com/DNSCheck.aspx | |||
For email hosted at Bravenet those servers would follow this convention nsNN.bravehost.com where NN is any numeric digit for example: | |||
'''ns9.bravehost.com''' | |||
'''ns10.bravehost.com''' | |||
== Further Information== | |||
[[Using your Bravenet e-mail account]] | |||
[[Troubleshooting Email]] | |||
[[Category:E-Mail]] | |||
__NOTOC__ |
Latest revision as of 07:39, 2 May 2023
What is a SPF record
An SPF (Sender Policy Framework) record is a type of TXT record in your domains DNS configuration. The TXT record specifies a list of authorized hostnames/IP addresses that mail can originate from for a given domain name. Once this entry is placed within the DNS zone (records), no further configuration is necessary to take advantage of servers that incorporate SPF checking into their anti-spam systems. This SPF record is added the same way as a regular A, MX, or CNAME record.
If you host email for your domain at Bravenet the SPF TXT record would be:
Name: example.com Value: v=spf1 include:spf1.bravehost.com ~all TTL 3600 or one hour
Please substitute example.com for your own domain name. If you see a MX record of the form mail1.bravehost.com you are likely hosting your email at Bravenet.
Why is a SPF record important
Adding an SPF record can help detect and prevent spammers from sending email messages with forged From addresses on your domain. Spamming with a fake reply-to address is called "spoofing." Since the email appears to be coming from your server, complaints and bounce backs from the spam will often be redirected to your server, rather than the actual spammer. You may also receive some of the original spam - spam that appears to be coming from you. Adding the SPF record to your zone file is one of the best ways to stop spammers from using this technique with your domain. An SPF record will remove a high quantity of bounce backs that you are receiving because other providers will reject the email immediately, without sending a bounce-back to the spoofed reply-to address.
Recently, some email providers who you may want to send email to have started outright rejecting email or sending the email to their Spam folders if the SPF record for your domain does not exist or is incorrect.
Configuring an SPF TXT Record
When configuring a SPF TXT record it is important to identify and define where your domains DNS is hosted (name servers), where the email is hosted (MX records) and what the SPF TXT record is related to those parameters. To determine where your email and DNS are hosted please see the troubleshooting section at the bottom of this article.
Configuration 1) Email and DNS hosted at Bravenet
If you want to host your email at Bravenet and your nameservers are configured for Bravenet nameservers you would add the following TXT record at Bravenet:
1. Login to your Bravenet account
2. Click on the "Domains" tab
3. Click on the domain you wish to manage
4. Scroll down to "TXT" Records and click "Add TXT Record"
subdomain: <Leave this field blank> Host Name: example.com value: v=spf1 include:spf1.bravehost.com ~all TTL: Default (1 Hour)
5. Click Create Record
Configuration 2) Email hosted at Bravenet and DNS hosted at a Third Party Host
If you want to host your email at Bravenet and your nameservers are configured for Third Party nameservers you would add the following SPF record at your third party DNS host:
Add TXT Record
name: example.com value: v=spf1 include:spf1.bravehost.com ~all TTL 3600 or one hour
Please consult your Third Party Host documentation on how to add a SPF TXT record for your domain
Configuration 3) Email hosted at Third Party Host and DNS hosted at Bravenet
If you want to host your email at a Third Party Host and your nameservers are configured for Bravenet use the steps in Configuration 1 of this article but change the 'value' in step 4 to the SPF value provided by your Third Party Host.
Note this also assumes you have set your third party MX records correctly at Bravenet.
Configuration 4) Email and DNS hosted at Third Party Host
If you want to host your email at a Third Party Host and your nameservers are configured for a Third Party Host use the steps in Configuration 2 of this article but change the 'value' of the record to the SPF value provided by your Third Party Host.
Configuration 5) Multiple Host SPF record
You are able to define multiple email host platforms in a single SPF record. Please be aware that merging the multiple records into one SPF TXT record is the correct way of adding multiple email hosts to a SPF record. Defining more than one SPF TXT record for your domain will result in unexpected results and is not recommended.
For example, if you want to use a Third Party Email Host and employ the services of Bravenet's Mailing List services that will be two different email server SPF records you would need to merge together. From a high level standpoint you would use the current SPF TXT record from your third party email provider and add Bravenet's SPF TXT record to it. You are essentially authorizing two different email server sources to send email for you domain. You would still employ either of the methods above (Configuration 1 or 2) to add the record.
Say for example you used Microsoft Office 365 as an email provider, you would have a SPF TXT record value that looked like the following:
v=spf1 include:spf.protection.outlook.com ~all
Looking at the value part of the Bravenet SPF TXT record you end up with:
include:spf1.bravehost.com
Putting them both together you end up with the following TXT record:
v=spf1 include:spf.protection.outlook.com include:spf1.bravehost.com ~all
Please do NOT add multiple SPF TXT records to your domain this will result in unexpected behavior.
Troubleshooting Information
Verify the value of a SPF TXT record
After adding the TXT record you may have to wait up to one hour before the change is reflected on the internet. You can use this publicly available tool to test if your TXT record is correct:
https://mxtoolbox.com/TXTLookup.aspx
For email hosted at Bravenet the SPF TXT record would be:
v=spf1 include:spf1.bravehost.com ~all
Verify where email is hosted – Verify MX records
To verify where email is hosted you would look to see what the MX records for the domain are set to:
https://mxtoolbox.com/MXLookup.aspx
For email hosted at Bravenet those servers would be:
Pref Hostname IP Address TTL 10 mail1.bravehost.com 65.39.211.20 60 min 20 mail2.bravehost.com 65.39.211.21 60 min
Verify Name Servers for a domain
https://mxtoolbox.com/DNSCheck.aspx
For email hosted at Bravenet those servers would follow this convention nsNN.bravehost.com where NN is any numeric digit for example:
ns9.bravehost.com ns10.bravehost.com