An SPF (Sender Policy Framework) record is a type of DNS record that is used to help prevent email spoofing. Email spoofing is when an attacker sends an email that appears to be from a legitimate sender, but is actually fraudulent. The SPF record is used to specify which mail servers are authorized to send emails on behalf of a domain.
When an email is received by a mail server, the server checks the SPF record of the domain that the email claims to be sent from. If the server that sent the email is not listed in the SPF record, the email may be marked as spam or rejected.
Having an SPF record can help protect your domain from being used in email spoofing attacks and can improve the deliverability of your legitimate emails. It is a good idea to set up an SPF record for your domain if you send email from your own servers or use a third-party email service. This can help ensure that your emails are more likely to be delivered to your recipients and not marked as spam.
Create an SPF record
Log in to the control panel for your domain DNS host.
Create a TXT record with the following specifications.
v=spf1 include:spf.xyz.am ~all
In addition to validating the original source of the message, these signatures ensure that the message has not been altered in transit by any third parties.
Decide how you want to enforce SPF failures.
~allwill result in a soft fail (Not authorized, but not explicitly unauthorized).
-allwill result in a hard fail (Unauthorized).
?allis neutral (As if there is no policy at all).
Enter your choice after v=spf1 include:spf.xyz.am, and then save your changes.
Authorize additional mail servers by adding their IP or server name after include:.
- For example:
Type Hostname Destination TTL TXT @ v=spf1 include:spf.xyz.am include:othermailer.com ~all 3600
Save your changes.