Knowledgebase
Knowledgebase: Manage your mails
Using SPF records in your domain template to combat spam
Posted by Diego Cousinet on 29 June 2012 02:41 PM

Sender Policy Framework (SPF) records allow domain owners to publish a list of IP addresses or subnets that are authorized to send email on their behalf.  The goal is to reduce the amount of spam and fraud by making it much harder for malicious senders to disguise their identity. We recommend customers add a SPF rule to their domain name(s) to combat spam

 

And to assist we have the following predefined rules which will whitelist our servers accordingly. This will make it easier for you to deploy a SPF rule on your domain where you wish to use our services for sending email.

 

  • We have created a DNS entry for _spf.webhost.co.nz as per below:

    "v=spf1 ip4:119.47.119.0/24 ip4:119.47.114.0/24 ip4:202.89.43.0/24 ip4:203.89.178.0/24 ~all"
     ° This will whitelist all of Webdrive's shared hosting systems 
  • You can implement this by adding the following TXT record to your domain name record:

    @ TXT "v=spf1 include:_spf.webhost.co.nz -all"
  • If you have an existing SPF record, then you can just the include:_spf.webhost.co.nz section to your existing SPF record to include Webdrive's systems. For example:

    @ TXT "v=spf1 a mx include:_spf.webhost.co.nz -all"
     

NB: The ~all qualifier will soft fail messages that do not originate from one of the IPs listed above. This means the message will be tag as spam by the recipient's mail server. The -all qualifier will reject mail.

 

Further reading:

 

Checking the SPF:

This can be done by looking at the source of the message. Below is a before and after look at the SPF check done by Openhost:

  • Before: 

    X-Spam-Status: No, score=1.0 required=5.0 tests=SPF_SOFTFAIL

  • After: 

    X-Spam-Status: No, score=-0.0 required=5.0 tests=SPF_PASS autolearn=disabled

 

(26 vote(s))
Helpful
Not helpful

Comments (0)