Default SPF record including primary domain

brt

Well-Known Member
Jul 9, 2015
102
8
18
US
cPanel Access Level
Root Administrator
First of all, I've got to say that I'm disappointed in the new Email Deliverability section. It's taken an interface that was straightforward and simple and made it into something way more complicated than it needs to be.

My problem is that it appears the new Email Deliverability interface is adding my primary domain [example.com] as a default SPF include, and this is not how we have things set up and I don't see a way to disable it.

I -do- use [spf.example.com] as my include, as this covers all of our hosting IPs and smarthosts, etc., so I can understand having a default include, but I don't understand why it's just randomly choosing one.

Is there a way to change this behavior?
 

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
8,080
657
263
Houston
cPanel Access Level
DataCenter Provider
First of all, I've got to say that I'm disappointed in the new Email Deliverability section. It's taken an interface that was straightforward and simple and made it into something way more complicated than it needs to be.
I'm sorry to hear that, what about it do you feel isn't straightforward? My personal feeling on it is that it solves some issues that we had with understanding which domain you were currently working with but we'd love to hear feedback.

My problem is that it appears the new Email Deliverability interface is adding my primary domain [example.com] as a default SPF include, and this is not how we have things set up and I don't see a way to disable it.
Can you show me an example of this? I've got a few domains set up as addons +subdomains and I'm not seeing this occur.
 

brt

Well-Known Member
Jul 9, 2015
102
8
18
US
cPanel Access Level
Root Administrator
This isn't in regard to any addon or alias, etc. domains, it's more this:

Server hostname is server.hostco.tld. Client domain is clientdomain.tld. When I go to the Email Deliverability section for any client domains, it's trying to add hostco.tld as a default SPF include. (specifically as an include, like you'd add Mailchimp's inclusion).
 

brt

Well-Known Member
Jul 9, 2015
102
8
18
US
cPanel Access Level
Root Administrator
I don't believe I've customized anything there, but certainly not recently, and this appears to be a change with v78.

Here's an example from a brand new account I created today, and it's showing the xxxx.net being included by default. The domain included there is specifically the parent domain of the server hostname.

spf.png
 

brt

Well-Known Member
Jul 9, 2015
102
8
18
US
cPanel Access Level
Root Administrator
The account was created as root and then moved under a reseller. The screenshot above is logged in as root. That screenshot is under "Modify an Account" though, not "Email Deliverability."

Here is the same domain under Email Deliverability, with the same domain included automatically.

(Ignore the nameserver warning, this is a brand new registration and nameservers aren't updated yet)

spf2.png
 
Last edited:

brt

Well-Known Member
Jul 9, 2015
102
8
18
US
cPanel Access Level
Root Administrator
Autodiscovery SPF include hosts from the smarthost route list
Aha! This is the one. Thank you!

I'd rather use the first one you mentioned, "SPF include hosts for all domains on this system", as then I can set the proper one. However, can you tell me what happens if I input my 'spf.example.com' here as far as existing records? (I'm hoping it doesn't change anything existing and only applies to new domains or when enabling SPF.
 

todo1991

Registered
Dec 19, 2017
1
0
1
VN
cPanel Access Level
Root Administrator
Hello,

I followed this post and noticed the problem I was looking for.
I want the default spf to not add mainIP itself,
ex record sfp default: v=spf1 +a +mx +ip4:x.x.x.x. ~all)

Now, instead of prescribing the mainIP available, I want to switch to include the txt record of the domain like this:
v=spf1 +a +mx include spf1.domain.ltd ~all



in the configuration section SPF include hosts for all domains on this system
of exim, I have configured it further: spf1.domain.ltd

This results in the default SPF record being changed to:
v=spf1 +a +mx +ip4:x.x.x.x include spf1.domain.ltd ~all

The problem here is that I want to configure the IP list included in txt record of spf1.domain.ltd. I want the default mainIP remove system.

This is useful when changing the IP sending mail when the domain is not using the dnscluster in the system. Because the spf txt records have been configured IP sendmail(mainIP) in spf1.domain.ltd, there is no need to notify the customer to reconfigure the spf record to change the IP send mail.

Any infomation for this?

Thank all!