TLDR: Add ip4:MAIN_SERVERIP_ADDRESS to your DNS spf record.

Sending over the API? Please check authorizing a domain for API

Note: The server connecting IP should be added to the spf record. Directadmin and cPanel servers default spf include the main ip of the server. While email delivery when using mailbaby will not use this IP, mailbaby servers will look at the SPF record to ensure the connecting server is authorized to send email for the specific domain. If sending only over the API then you only need in SPF.

SPF (Sender Policy Framework) is an email authentication method designed to detect forging sender addresses during the delivery of the email. SPF allows the receiving mail server to check during mail delivery that a mail claiming to come from a specific domain is submitted by an IP address authorized by that domain’s administrators. The list of authorized sending hosts and IP addresses for a domain is published in the DNS records for that domain. Adding SPF will help prevent email spoofing and aid in delivery (gmail as an example may not accept email that it considers unauthorized – no spf/dmarc/dkim).


A basic spf record may look like


“v=spf1 a mx ~all”

This record would allow:

the ip addresses the root domain points to (A record)

the ip addresses of the MX records

All the records in the TXT record of


There is a limit to the amount of dns lookups an spf record can have, and having multiple spf entries could reach the limit. It is recommended to test the changes using or similar to ensure the spf is valid.

Leave a Reply

Your email address will not be published. Required fields are marked *