Softfail "~all" is a safe default because receiving mail servers will not as likely block it or send it to a spam folder.
When you set it to "-all" you better make sure that you have all the included servers, IPs, etc. that send email with your domain, otherwise the SPF record will indicate that a server may not be authorized to send mail on behalf of your domain.
So, if you know you have everything you need, then go ahead and set it to "-all" in my opinion.
When you set it to "-all" you better make sure that you have all the included servers, IPs, etc. that send email with your domain, otherwise the SPF record will indicate that a server may not be authorized to send mail on behalf of your domain.
So, if you know you have everything you need, then go ahead and set it to "-all" in my opinion.
Hello 
Yes, the consensus is to avoid hard fails on SPF records since it breaks email forwarding unless the forwarding server uses SRS. The "~all" entry is generally preferred since it gets messages from non-standard senders bumped up in spam detection systems, but doesn't outright fail them.
Thank you.
Yes, the consensus is to avoid hard fails on SPF records since it breaks email forwarding unless the forwarding server uses SRS. The "~all" entry is generally preferred since it gets messages from non-standard senders bumped up in spam detection systems, but doesn't outright fail them.
Thank you.
Which brings up the issue of cPanel not providing the interface to enable SRS support itself for the emails it forwards. Seems to be a simple update that hasn't been implemented for years.
Add your vote. Built-in SRS support under Advanced Exim Configuration Editor in WHM. | cPanel Feature Requests
Add your vote. Built-in SRS support under Advanced Exim Configuration Editor in WHM. | cPanel Feature Requests
More incredible knowledge that I never knew! Thank you, was wondering why we are getting hard fails on forwarders.
@kdean, sorry for replying to a 7 year old post, but fortunately SRS is now available:
Yeah, replies this old make me go wait, that's me up above. What did I have to say? What was I talking about? ... and do I still agree with myself? And I still do.
For the good of the next generation I sometimes reply on old posts to send good karma for solved problems, because, frankly, it makes me happy. Ahem.
| Thread starter | Similar threads | Forum | Replies | Date |
|---|---|---|---|---|
| M | old cPanel edit SPF record | 3 | ||
| P | [CPANEL-31754] SPF false positive, fails on valid senders after upgrade | 37 | ||
|
Can't seem to figure out how WHM/cPanel work together with MX / SPF records | 3 | ||
| J | will cpanel/whm support spf records? | 11 | ||
| C | WHM/cpanel renders SPF records useless! | 10 |