m.eid

Well-Known Member
Jun 4, 2014
56
7
83
Jordan
cPanel Access Level
Root Administrator
Twitter
Hi, I want to use SPF record for mail deliverability, and as I read from many articles that it has to contain the hosts or ips allowed to send email, my questions are,
Is this record “v=spf1 +mx +a +ip4:x.x.x.x ~all” required as it suggested from CPanel in account?

  • mx point to same ip4:x.x.x.x, is it enough to use mx or also I have to use ip?
  • a record is proxied by CloudFlare, is it required?
  • if mx record is mail.domain.com and host name is hs.domain.com, have I to put the hostname of the server together with mail.domain.com since both refer to same VPS or not?
  • is it recommended to use -all rather than ~all since just this mail server who allowed to use the email?
    I want the best recommendation for record to be used and no issues will be faced in future.
 

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
8,110
659
263
Houston
cPanel Access Level
DataCenter Provider
  • mx point to same ip4:x.x.x.x, is it enough to use mx or also I have to use ip?
I'd include the IP for good measure in the event you ever modify anything but it's not mandatory here

  • a record is proxied by CloudFlare, is it required?
Nope this isn't required just a general rule of thumb

if mx record is mail.domain.com and host name is hs.domain.com, have I to put the hostname of the server together with mail.domain.com since both refer to same VPS or not?
I wouldn't use the hostname I would use the domain name and mail.domain.com if the IP address is different than the domain's

is it recommended to use -all rather than ~all since just this mail server who allowed to use the email?
~ SoftFail the directive defines unauthorized senders, but the recipient should treat this failure generously;
this qualifier is for testing purposes
- Fail the directive defines unauthorized senders
So, initially I would use ~ but once you're sure the record in place meets your needs then I would proceed to use -

Thanks!
 

m.eid

Well-Known Member
Jun 4, 2014
56
7
83
Jordan
cPanel Access Level
Root Administrator
Twitter
I'd include the IP for good measure in the event you ever modify anything but it's not mandatory here


Nope this isn't required just a general rule of thumb



I wouldn't use the hostname I would use the domain name and mail.domain.com if the IP address is different than the domain's







So, initially I would use ~ but once you're sure the record in place meets your needs then I would proceed to use -

Thanks!
Thank you for your reply, at Email Deliverability Page I find it says
"Mail HELO
hs.domain.com"
and in the header of the emails it includes from: hs.domain.com
so if I want to reduce the record but make it correctly, can I use it like this ?
v=spf1 +mx ~all
since mx point to x.x.x.x , and if hs.domain.com points for CloudFlare ips rather than origin server ip, will it make any conflicts for it?
is it safer to put both mx and hostname to avoid ip mismatch?
Thank you in advanced
 
Last edited: