Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Default SPF record including primary domain

Discussion in 'E-mail Discussion' started by brt, Feb 25, 2019.

  1. brt

    brt Well-Known Member

    Joined:
    Jul 9, 2015
    Messages:
    102
    Likes Received:
    8
    Trophy Points:
    18
    Location:
    US
    cPanel Access Level:
    Root Administrator
    First of all, I've got to say that I'm disappointed in the new Email Deliverability section. It's taken an interface that was straightforward and simple and made it into something way more complicated than it needs to be.

    My problem is that it appears the new Email Deliverability interface is adding my primary domain [example.com] as a default SPF include, and this is not how we have things set up and I don't see a way to disable it.

    I -do- use [spf.example.com] as my include, as this covers all of our hosting IPs and smarthosts, etc., so I can understand having a default include, but I don't understand why it's just randomly choosing one.

    Is there a way to change this behavior?
     
  2. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,141
    Likes Received:
    474
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    I'm sorry to hear that, what about it do you feel isn't straightforward? My personal feeling on it is that it solves some issues that we had with understanding which domain you were currently working with but we'd love to hear feedback.

    Can you show me an example of this? I've got a few domains set up as addons +subdomains and I'm not seeing this occur.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. brt

    brt Well-Known Member

    Joined:
    Jul 9, 2015
    Messages:
    102
    Likes Received:
    8
    Trophy Points:
    18
    Location:
    US
    cPanel Access Level:
    Root Administrator
    This isn't in regard to any addon or alias, etc. domains, it's more this:

    Server hostname is server.hostco.tld. Client domain is clientdomain.tld. When I go to the Email Deliverability section for any client domains, it's trying to add hostco.tld as a default SPF include. (specifically as an include, like you'd add Mailchimp's inclusion).
     
  4. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,141
    Likes Received:
    474
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    HI @brt

    That's where I'm not able to replicate though, on my test server I'm not seeing any include being added.

    spf_example.png

    Which makes me curious about customizations you might have that are causing this to be added, do you have anything of note in /etc/exim.conf.local?

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. brt

    brt Well-Known Member

    Joined:
    Jul 9, 2015
    Messages:
    102
    Likes Received:
    8
    Trophy Points:
    18
    Location:
    US
    cPanel Access Level:
    Root Administrator
    I don't believe I've customized anything there, but certainly not recently, and this appears to be a change with v78.

    Here's an example from a brand new account I created today, and it's showing the xxxx.net being included by default. The domain included there is specifically the parent domain of the server hostname.

    spf.png
     
  6. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,141
    Likes Received:
    474
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @brt


    Interesting I'm not seeing this at all:

    creatacct_spf.png

    Are you by chance doing this from a reseller account?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. brt

    brt Well-Known Member

    Joined:
    Jul 9, 2015
    Messages:
    102
    Likes Received:
    8
    Trophy Points:
    18
    Location:
    US
    cPanel Access Level:
    Root Administrator
    The account was created as root and then moved under a reseller. The screenshot above is logged in as root. That screenshot is under "Modify an Account" though, not "Email Deliverability."

    Here is the same domain under Email Deliverability, with the same domain included automatically.

    (Ignore the nameserver warning, this is a brand new registration and nameservers aren't updated yet)

    spf2.png
     
    #7 brt, Feb 28, 2019
    Last edited: Feb 28, 2019
  8. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,141
    Likes Received:
    474
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @brt

    What do you have set for the following in WHM>>Service Configuration>>Exim Configuration Manager:


    SPF include hosts for all domains on this system
    Autodiscovery SPF include hosts from the smarthost route list
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. brt

    brt Well-Known Member

    Joined:
    Jul 9, 2015
    Messages:
    102
    Likes Received:
    8
    Trophy Points:
    18
    Location:
    US
    cPanel Access Level:
    Root Administrator
    Aha! This is the one. Thank you!

    I'd rather use the first one you mentioned, "SPF include hosts for all domains on this system", as then I can set the proper one. However, can you tell me what happens if I input my 'spf.example.com' here as far as existing records? (I'm hoping it doesn't change anything existing and only applies to new domains or when enabling SPF.
     
  10. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,141
    Likes Received:
    474
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    I can confirm it does indeed change existing records - the following is from a domain previously on the system which did not have the include added:

    spf_include.png
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice