What is SPF?

Sender Policy Framework (SPF) records specify which mail servers are permitted to send email from a domain.

Why use SPF?

SPF records are not essential to send email. However, publishing a valid SPF record greatly improves the likelihood of your email reaching your recipients. This is because many ISPs and email hosting providers, including Ecenica, check for a valid SPF record as part of their spam filtering checks.

Making your domain work with Ecenica

Ecenica DNS

If you’ve purchased your domain as part of an Ecenica email or web hosting package, we’ll have already configured an SPF record for you. So you do not need to do anything!

How-to add an additional IP address to your SPF record in cPanel

  1. Login into your Ecenica cPanel control panel. See Where do I login to my hosting control panel
  2. Click Authentication
  3. Click Add next to Additional IP Address blocks for your domains (IPv4 or IPv6):
  4. Enter your IP address you wish to add. For example, 192.0.2.12
  5. Click OK
  6. Click Update

How do I add my SPF to a 3rd-Party DNS

Add the following TXT record to your domain DNS when sending using an Ecenica email address.

"v=spf1 include:ecenica.com ~all"

Testing SPF Records

The SPF Project provide an e-mail based record tester you can use to test your own SPF record.

Send an e-mail to spf-test@openspf.org. Your message will be rejected (this is by design) and you will receive your SPF result as a bounce message. An example result will look like this;

: Recipient address rejected: SPF Tests: Mail-From Result=”pass”: Mail
From=”you@example.com” HELO name=”mail.example.com” HELO Result=”pass” Remote IP=”10.10.10.10″>

If you don’t get an email from us within a few minutes please be sure to check your spam filter.

Explanation of the possible results

“pass”
The message passed the authentication test.

“fail”
The message failed the authentication test.

“softfail”
The message failed the authentication test, and the authentication method has either an explicit or implicit policy which doesn’t require successful authentication of all messages from that domain.

“neutral”
The authentication method completed without errors, but was unable to reach either a positive or a negative result about the message.

“temperror”
A temporary (recoverable) error occurred attempting to authenticate the sender; either the process couldn’t be completed locally, or there was a temporary failure retrieving data required for the authentication. A later retry may produce a more final result.

“permerror”
A permanent (unrecoverable) error occurred attempting to authenticate the sender; either the process couldn’t be completed locally, or there was a permanent failure retrieving data required for the authentication.

Adapted fromdraft-kucherawy-sender-auth-header-04.txt andPort25.com.

External links