Help Center

Set up SPF Records

Before relaying messages through the MailChannels Outbound filter, SMTP Authentication but be configured to allow a MailChannels owned IP to deliver messages on behalf of your domains(s).

Accurate Sender Policy Framework(SPF) records must be configured in your DNS zone settings to ensure that Internet receivers will properly identify and receive your email messages.

Using WHM/cPanel? Skip the manual setup and let our plugin do this automatically. Try our MailChannels cPanel plugin!

SMTP Authentication

DNS TXT Record(s)

The following records are needed for SPF to work correctly. Replace with your own domain name:





  v=spf1 a mx ~all

  TXT   v=mc1 auth=<account-id>

If you already have an SPF record, simply add to this entry. Make sure to add it BEFORE the “all” mechanism as “all” always matches and typically goes at the end of the SPF record.


Including MailChannels SPF records without the `_mailchannels` subdomain record could make it easier for other users of the MailChannels platform to impersonate mail from your domain. See Domain Lockdown for more details.

If domain lockdown can't be configured, the MailChannels SPF records can be included with a '?', for example 'v=spf1 a mx ? ~all'. In this case, messages from MailChannels will receive a 'neutral' SPF result, which may be accepted by hosts that reject on SPF failure, but it will not affect DMARC results (they will depend on DKIM only).


Note: DKIM keys can be correctly added for Cpanel using our Cpanel - DKIM Configuration Guide.


Non-plugin cPanel Users

cPanel has made available a script "spf_install" to add spf records in bulk. The "spf_install" script allows you to add SPF records to all the user's domains' zone files from the command line.


Here is simple script with which you can add spf records on all cPanel account or on multiple account.

cd /var/cpanel/users
for i in `ls /var/cpanel/users` ;do /usr/local/cpanel/bin/spf_installer $i ;done

Note: Please test this thoroughly before implementing this on production servers


Next Step: Configure your mail server


Was this article helpful?
3 out of 6 found this helpful
Have more questions? Submit a request


  • Avatar

    Do you know how to "mass add" these records to existing domains? I'm running cPanel, but that shouldn't make much difference. All the domains already have their own SPF records.

    Comment actions Permalink
  • Avatar
    active cares

    I am having the same question as "WebHostingZone"

    Comment actions Permalink
  • Avatar

    Messages that are signed via DKIM, and that get passed through your relay servers are getting munged. Making the digitally signed messages (and headers) appear as tampered with or spoofed.

    Comment actions Permalink
  • Avatar

    Why not use the stricter -all rather than ?all. I like to use -all so that mail servers paying attention to spf will not accept spam from compromised machines forging my addresses.

    Comment actions Permalink
  • Avatar

    And is there a WHM or cPanel plugin that automates this task every time a cPanel account is created or a new domain is added?

    Comment actions Permalink

Article is closed for comments.