How to add additional third party mail server in DNS for the domain

Clixer

Active Member
Feb 24, 2018
41
2
8
Australia
cPanel Access Level
Root Administrator
Hello folks,

We are currently running a WHM/Cpanel server on a VPS. The local server is the email server. We have SPF and DKIM configured for the domain and DMARC published. This is working well.

We also use a third party software-as-a-service for our professional services and they send out emails using one of our email addresses using our domain name (e.g. [email protected]) to our clients. Since we have published DMARC for the domain, those emails sent by the third party are being rejected by the receiving servers. How do we fix this problem?

is this only a matter of adding their server IP address in our SPF record for the domain? If yes, what would be configuration? The current SPF record is:

v=spf1 ip4:xxx.x.xxx.xxx +a +mx ~all

Is there anything else we need to do?

Thanks for help.
 

Henry Carter

Active Member
Jul 31, 2019
35
6
8
India
cPanel Access Level
Website Owner
Hello Clixer,

You will get bounce back message from the recipient server with details why emails are getting rejected.

To authorize sending email servers, add additional ip4.
Ex: v=spf1 ip4:10.10.10.1 ipv4:192.168.1.1/24 +a +mx ~all
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,252
313
Houston
Hello Clixer,

You will get bounce back message from the recipient server with details why emails are getting rejected.

To authorize sending email servers, add additional ip4.
Ex: v=spf1 ip4:10.10.10.1 ipv4:192.168.1.1/24 +a +mx ~all
This would only be relevant if the service was using the same IP for all mail that is sent, which is unlikely. The best way to include another provider is to add an include which can be done from cPanel>>Email>>Email Deliverability -> Manage -> Customize SPF under Additional Settings
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,252
313
Houston
Hi @cPanelLauren. The include method requires me to enter a domain name of the other mail server, is this correct? Should I enter the domain name instead?
You'd enter their domain name or the host they use to send mail from, that way when the SPF is queried it will also pick their information up as being authorized.