View Categories

SPF

TLDR: Add include:spf-c.mailbaby.net ip4:MAIN_SERVERIP_ADDRESS to your DNS spf record.

Sending over the API? Please check authorizing a domain for API

Note: The server connecting IP should be added to the spf record. Directadmin and cPanel servers default spf include the main ip of the server. While email delivery when using mailbaby will not use this IP, mailbaby servers will look at the SPF record to ensure the connecting server is authorized to send email for the specific domain. If sending only over the API then you only need include:spf-c.mailbaby.net in SPF record, along with dns authorization txt record.

SPF (Sender Policy Framework) is an email authentication method designed to detect forging sender addresses during the delivery of the email. SPF allows the receiving mail server to check during mail delivery that a mail claiming to come from a specific domain is submitted by an IP address authorized by that domain’s administrators. The list of authorized sending hosts and IP addresses for a domain is published in the DNS records for that domain. Adding SPF will help prevent email spoofing and aid in delivery (gmail as an example may not accept email that it considers unauthorized – no spf/dmarc/dkim).

 

A basic spf record may look like

 

“v=spf1 a mx include:spf-c.mailbaby.net ~all”

This record would allow:

the ip addresses the root domain points to (A record). To avoid VOID records if the domain does not resolve to any ip do not include this.

the ip addresses of the MX records. To avoid VOID records if the domain does not have an MX record do not include this.

All the records in the TXT record of spf-c.mailbaby.net

 

There is a limit to the amount of dns lookups an spf record can have, and having multiple spf entries could reach the limit. It is recommended to test the changes using https://www.dmarcanalyzer.com/spf/checker/ or similar to ensure the spf is valid.

Users that are using the older style relay.mailbaby.net record can continue to use this and do not need to change this spf record.

Leave a Reply

Your email address will not be published. Required fields are marked *