Sender Policy Framework (SPF) records allow domain owners to publish a list of IP addresses or subnets that are authorized to send email on their behalf. The goal is to reduce the amount of spam and fraud by making it much harder for malicious senders to disguise their identity.We recommend customers add a SPF rule to their domain name(s) to combat spam
And to assist we have the following predefined rules which will whitelist our servers accordingly. This will make it easier for you to deploy a SPF rule on your domain where you wish to use our services for sending email.
- We have created a DNS entry for _spf.openhost.net.nz as per below:
° This will whitelist all of Openhost's shared hosting systems
|_spf.openhost.net.nz. 3600 IN TXT "v=spf1 ip4:220.127.116.11/24 ip4:18.104.22.168/24 ip4:22.214.171.124/24 ip4:126.96.36.199/24 ip4:188.8.131.52/24 ip4:184.108.40.206/24 ip4:220.127.116.11/24 ip4:18.104.22.168/25 -all"
- You can implement this by adding the following TXT record to your domain name record:
|@ TXT "v=spf1 include:_spf.openhost.net.nz -all"
- If you have an existing SPF record, then you can just the include:_spf.openhost.net.nz section to your existing SPF record to include Openhost's systems. For example:
|@ TXT "v=spf1 a mx include:_spf.openhost.net.nz -all"
NB: The -all qualifier will soft fail messages that do not originate from one of the IPs listed above. This means the message will most likely arrive at the recipient's system but be tagged as Spam.
Checking the SPF:
This can be done by looking at the source of the message. Below is a before and after look at the SPF check done by Openhost:
X-Spam-Status: No, score=1.0 required=5.0 tests=SPF_SOFTFAIL
X-Spam-Status: No, score=-0.0 required=5.0 tests=SPF_PASS autolearn=disabled