To publish an SPF record, you will need access to your domain’s DNS control panel. If you are using a hosting provider, this process is fairly straightforward – just check their technical documentation. If you are unsure how to do this, you can contact support team or your domain administrator for assistance.
To learn how SPF works and why it is such an important security feature, read the article “What is SPF and how to configure it for a domain?”
Start by gathering a list of all domains you own, as you need to update or prepare a new, separate SPF record for each domain. Make sure you also include inactive (aka parked) domains that do not send emails, to also protect them from abuse and potential phishing.
Identify all services which send messages on behalf of your domain(s), including external tools. This includes:
IMPORTANT: If the SPF record does not include all services or servers sending mails on behalf of your domain, receiving servers may direct messages into spam. Remember to update your record after any change in IP or sending tool.
The SPF is expressed as a single string of text, published as a DNS TXT. It consists a list of values (usually IP addresses and domain names) and tags, i.e. various mechanisms and modifiers.
Each domain must have only one SPF record.
Remember, your new SPF record may require up to 48 hours to take effect.
For example: v=spf1 ip4:192.0.2.0 ip6:2001:db8: :cd30
! The given value is an example and does not point to specifics of EmailLabs servers.
For example: v=spf1 ip4:192.0.2.0 ip6:2001:db8: :cd30 include:domainname.com
To authorize EmailLabs to send emails on behalf of your domain, add the following entry to your SPF TXT record:
Receiving server checks wheter an IP from which the message was sent is indicated in ip4/ip6 or whether it matches servers pointed by “include” mechanism.
Note: A single SPF record cannot have more than 255 character-string and should not contain more than 10 lookups to other domains or servers. Each parameter should be separated by a space.
// Instruction above presents only a basic overview of the mechanisms that an SPF record can be composed with. You may find records that also include ptr, exists or redirect mechanisms//
“All” mechanism (always matches) is placed at the end of the SPF record. It indicates what policy and how strictly it should be applied when the receiving server detects a sender that is not authorized in your SPF record.
The “all” mechanism can contain various qualifiers:
For example: v=spf1 ip4:192.0.2.0 ip6:2001:db8: :cd30 include:domainname.com ~all
Mechanisms listed after the “all” will be ignored, so remember to put it at the very end of the record.
In addition to SPF, we also recommend configuring DKIM and DMARC. The above authentication methods provide enhanced domain security and increase the likelihood of proper delivery of Emails to the recipient’s mailbox.
RBL is a dynamic, real-time list of IP addresses that are active spammers (intentional actions) or accidental sources of spam. A blacklist based on domain names is called a...
An ESP (Email Service Provider) is a software-based service for email distribution, often based on its servers, optimized for high (mass) traffic. Many of them enable integration with CRM...
This article was created in cooperation with CyberFolks, a provider of hosting services for thousands of customers in Poland, helping users to choose and purchase a domain name....
Vercom, to which EmailLabs belongs, is a European company, fully compliant with the provisions of GDPR and based solely on its own servers located in CEE. We provide our...
This year, Black Friday falls on November 26th while Cyber Monday on November 29th. So it seems that there are 7 weeks left to prepare well for the battle...