ISPA Winner 2018 16 Years of Krystal


Please find below our list of Email guides to help with your hosting account.

Using SPF and DKIM to protect your email identity against spam

This article was posted in: Email

SPF and DKIM are just technical ways of saying, I'm Spartacus! (if you ever saw the film, you'll know the problem the Roman's had in identifying the real Spartacus!)

Basically, SPF is a system whereby a special DNS record is created in your domain that identifies all of the server that are authorised to send email for your domain. The idea being, that when a mailserver receives an email that appears to have come from you, it checks for SPF records in your domain to see if the server that sent the mail message is actually authorised to do so. If it is, then your message gets delivered - if it isn't then your message is rejected as spam - simple!

DKIM is slightly different - it uses public/private key encryption techniques to attach a digital signature to your outgoing message headers using a secret private key. The recieving server will check the check the validity of the signature using a public key that is in your DNS . It's a bit like the digital security certificates that validate your online banking.

Both systems are opt-in insofar that they require the receiving mail server to do the checking, but it works very well, and most large ISPs support them.

This guide assumed you have successfully logged into your cPanel account.

How to enable SPF and DKIM for your domain

To enable SPF and DKIM protection for your domains, click on the Email Authentication icon in the Mail section of cPanel.

Then, just click the Enable buttons. This tells the world that our server is the only server authorised to send email for your domain.

The basic settings should be ample!

This will result in a TXT record being added to your DNS zone file which contains the following data

v=spf1 +a +mx +ip4: ?all

You can read up on the SPF syntax at

Going further - authorising an extra servers to send email for your domain with SPF

If you want to authorise another single mail server to send email for your domain, then in the Advanced Settings: section, use the Additional Hosts that send mail for your domains (A): sub-section. Just click the Add button, and enter the IP address or host name of the additional sending host. Further settings are available, and the instructions are fairly self explanatory.

If you need any further advice please raise a support request.