Loading...

Knowledge Base

How To Set up SPF Records

By learning how to set up  SPF (Sender Policy Framework) records, you can defend your email's reputation and fight spam. This DNS record makes it harder for someone to spoof your email address while attempting to impersonate you by informing the recipient's mail host which mail servers are permitted to deliver email from your domain name.  
 
What you need to know about SPF records and how Bluehost may use them for shared and cloud hosting are covered in this article.



Using SPF Records with Shared and Cloud Hosting

The outgoing email server for these accounts does not use proxy IPs from unifiedlayer.com; a proxy server is a computer that acts as an intermediary between the user and the website they wish to connect to. If you use a proxy server, all the websites you visit see its IP address instead of your real one. Instead, the outgoing email server for Account Manager accounts is proxied to websitewelcome.com. Email is not transmitted from unifiedlayer.com proxy IPs. Hence, websitewelcome.com should be used in the SPF record configuration rather than brand-specific URLs. For example:

v=spf1 a mx include:websitewelcome.com ~all

There are three sections to the record:

  1. v=spf1 identifies the TXT record as an SPF record.
  2. An authorized list of outgoing servers is specified by an mx include:websitewelcome.com.
    • If you have a non-Bluehost server, you want to allow sending mail from. This is where you'll add it. It's also where Bluehost's list of approved outgoing servers is included. (include:websitewelcome.com)
    • Third-party email marketing tools often require updating your SPF record to accommodate their servers.
  3. ?all outlines the behavior of servers that are not on the list for hosts. Here are some modifications that you can apply:
    • -all "Hard Fail" indicates that all mail not on the allowlist is rejected. 
    • ~all "Soft Fail" indicates that it accepts mail that is not on the allowlist but handles it carefully.
    • ?all "Neutral" indicates no policy for servers not on the list; it allows all mail. This is the default configuration.

Note: The default SPF DNS Record for Account Manager and Bluerock accounts is the same.

Customizing SPF Records

?all is the default configuration because we're unsure if you'll utilize your domain name and email service elsewhere other than Bluehost. Please see open-spf.org for a more thorough explanation of SPF syntax and processes.

Customize your SPF record by adding more servers and IPs to the second part if you send emails to your domain from a different host. Additionally, change the policy to "all" if you want to make your record stricter to protect the domain from email spoofing.

For example, if you only use Bluehost, we advise using this SPF record if you wish to send email from your domain and want the sending policy to be as stringent as possible: 

v=spf1 a mx ptr include:Bluehost.com -all

This record authorizes your website's server and Bluehost's list of outgoing mail servers to send an email. All other outgoing mail servers are unauthorized. Follow the steps below to add a new SPF record to your domain name. 

How to Set up SPF Records

SPF records are added as TXT records to your Zone File. The default SPF record must be deleted from your cPanel before installing a new one since Bluehost automatically adds one to your zone file for each domain.

Note: To learn more about managing your DNS records, please see DNS Management: How to Add, Edit, or Delete DNS Entries.

  1. Log in to your Account Manager.
  2. Navigate to the Domains tab using the left-hand side menu.
    Domains tab
  3. Click ˅ to enlarge the Advanced Tools section as you scroll down and click Manage next to Advanced DNS Records.
    Advanced DNS Record
  4. Click the +ADD RECORD button.
    Add Record
  5. Depending on the kind of record you are generating, additional fields can show up.  Fill out details as instructed by the DNS record provider.
    • Type: TXT 
    • Refers to: @
    • TXT Value: This is where you would paste your new SPF record.
    • TTL:  4 Hours 
  6. Lastly, click on the ADD button to create the record.

Summary

SPF records are necessary to protect your email reputation and combat spam. They prevent email address spoofing by specifying which mail servers can send email on your domain's behalf. You can customize your SPF record by adding or removing servers and adjusting the policy to suit your security needs. To update or add an SPF record, it's added as a TXT record in your domain's DNS settings. Knowing how to set up SPF records is essential in securing your domain's email communications and ensuring your emails reach their intended recipients without being flagged as spam.

If you need further assistance, feel free to contact us via Chat or Phone:

  • Chat Support - While on our website, you should see a CHAT bubble in the bottom right-hand corner of the page. Click anywhere on the bubble to begin a chat session.
  • Phone Support -
    • US: 888-401-4678
    • International: +1 801-765-9400

You may also refer to our Knowledge Base articles to help answer common questions and guide you through various setup, configuration, and troubleshooting steps.

Did you find this article helpful?

 
* Your feedback is too short

Loading...