We've been trying to get SPF working on some test accounts since we would like to reduce instances of email spoofing.

I've been having trouble getting it working with one client's account, and I'm not sure I've got the settings right.

What is the exact format needed for:

  • Additional hosts that send email from your domain (A)
  • Include List [INCLUDE]



Is it supposed to be the exact STMP server name (i.e. smtp.myisp.com) or something else (mydomain.com)?

What is the actual difference between these two lists of hosts?

If the "All Entry (ALL)" checkbox is not ticked, is an SPF record still useful?

Also - what about the IP blocks? I can't predict every IP address from which a client will ever send out mail (for example, what if they have a laptop and are travelling) so what is meant to be here - just the server's IP?

I have not been able to get SPF working for someone who sends mail out through Earthlink or Gmail, for example, having added smtpauth.earthlink.net and google.com to the Additional hosts list, and smtpauth.earthlink.net and gmail.com to the Include list, with "All Entry" checked.

Any help appreciated.