Adding an SPF Record
SPF or Sender Policy Framework is a way of stopping your eMail Domain being used to send ‘spoof’ eMails.
SPF can stop a remote web use from sending an eMail claiming to be from
your domain using a forged from address by default new redIT Web and
DNS Hosting accounts have a basic SPF record added which will only allow
eMails from your domain to be sent via our eMail Server which is
associated with your account and the web server you are hosted on.
You can read more about the SPF Project at http://www.openspf.org/
An SPF Record is entered into your DNS Zone file as a Text Record (TXT).
If you do not yet know how to access your redIT Hosting Account please read our Knowledgebase Article Logging into your redIT Hosting Account
Once you are logged into your redIT Web Hosting Account, from the left hand menu with ‘Main Features’ expanded select ‘Domain names’
Select the domain that you wish to alter the SPF Record for and click on the ‘Records’ icon
If you already have an SPF record in your DNS Zone file it will be shown here, to alter the record select the line with a single left click and the click the ‘Edit’ icon.
Your SPF Record will then be opened for you to alter as detailed below:
If you do not have an existing SPF record you will need to create one by clicking on the ‘Add’ Icon which will open the ‘Add a new DNS record’ screen.
If you are adding a new DNS SPF Record you will need the following information:
Name – * (The asterisk character normally found on the number 8 key)
TTL – This can be left at 3600 (1 hour)
Type – Change this to “TXT (text Record)”
Value – This is where you enter your SFP Record value as detailed below.
In any SPF record it must start with “v=spf1” followed by the type of rules that you wish to allow or reject then ending with one of the four “all” qualifiers.
Aas a basic starting point we would recommend the following rule set:
v=spf1 a mx -all
This rule will allow eMails to be send by any server that has an ‘A’ record listed in your DNS Zone file along with and MX Records (eMail Servers) the “-all” should reject any other eMail that is not send from a server associated with your DNS Zone file, this is a good starting point as it will allow you to send eMails from both your known eMail servers and your website.
You can of course expand on this rule set and our Support Team are more than happy to help.