spfAfter DMARC, the next in the spam fighting triangle (DKIM being the third) is SPF.

A SPF record (Sender Policy Framework) was originally to help the fight against SPAM but quickly became obsolete. Nevertheless we still need it for most providers like Gmail and

So, although its kind of useless, we still need to configure it!

First of all, create a reversed DNS at your VPS ISP. Your FQDN (for example) resolves to your IP numbers (IPv4 and IPv6) and you should make sure your IP numbers also point to

Secondly, create the record. Just create a ‘neutral’ record like below.

@ 5 MIN TXT v=spf1 ?all

Often includes are necessary to tell the outside world which cluster of servers are allowed to send email for the domain. A SPF record then can look more like below.

@ 5 MIN TXT v=spf1 ip4: ip4: ~all

Includes come at the end.

Complete series: Backscatter check, DMARC, SPF, DKIM with Postfix, DKIM with Postfix and rspamd, DKIM with DirectAdmin and Exim and SMTP checks.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.