Create an SPF policy
This article explains how to create an SPF policy to protect your email traffic.
- Applies to: Administrator
- Difficulty: Easy
- Time needed: Approximately 15 minutes to create record, 24-48 hours for the record to propagate
- Tools required: DNS host administrator access
You also need access to update DNS entries for your domain. If you do not know where your DNS is hosted, see Find your DNS host.
For more information on prerequisite terminology, see Cloud Office support terminology.
An SPF policy alone is not enough to protect the integrity of your domain’s email. In order to create a secure email verification policy, we recommend the following:
Create an SPF record
Log in to the control panel for your domain DNS host.
Create a TXT record with the following specifications.
Type Hostname Destination TTL TXT @ v=spf1 include:emailsrvr.com ~all 3600
Decide how you want to enforce SPF failures.
~allwill result in a soft fail (Not authorized, but not explicitly unauthorized).
-allwill result in a hard fail (Unauthorized).
?allis neutral (As if there is no policy at all).
Enter your choice after v=spf1 include:emailsrvr.com, and then save your changes.
Authorize additional mail servers by adding their IP or server name after include:.
- For example:
Type Hostname Destination TTL TXT @ v=spf1 include:emailsrvr.com include:othermailer.com ~all 3600
Save your changes.
Continue the conversation in the Rackspace Community.
©2018 Rackspace US, Inc.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License