How To Setup a DNS SPF (Sender Policy Framework) Record
If you are using assistive technology and are unable to read any part of the HostMonster website, or otherwise have difficulties using the HostMonster website, please call 866-573-HOST and our customer service team will assist you.
Skip to main content

HostMonster Web Hosting Help

How To Setup a DNS SPF (Sender Policy Framework) Record

DNS Management SPF Records

Protect your email reputation and combat email spoofing by setting up a Sender Policy Framework (SPF) record. It's a type of DNS record that notifies the recipient's mail host which mail servers are authorized to send email from your domain name, making it much more difficult for someone to spoof your email address trying to impersonate you.

This article outlines what you need to know about SPF records and how they can be implemented at HostMonster for Shared hosting. If you use VPS or Dedicated hosting, check out SPF for VPS and Dedicated.



Using SPF Records with Shared Hosting

Legacy Accounts

Each host uses their own set of spam-filtering rules for their incoming mail servers. This means that depending on the rules, one outgoing mail server may be better for delivering mail to host XYZ while another server is better for delivering mail to host ABC. Because we want to keep your delivery rates as high as possible, we use an entire network of servers to send mail so our system can select the mail server best qualified to send a message to its particular destination.

To make it work, we maintain a list of approved servers and IP addresses in the SPF record of hostmonster.com, which is then included in the default SPF record of every domain on our Shared hosting plans. The default record looks like this:

v=spf1 a mx ptr include:hostmonster.com ?all

The record is composed of three parts:

  1. v=spf1 identifies the TXT record as an SPF record.
  2. a mx ptr include:hostmonster.com specifies an approved list of outgoing servers.
    • If you have a non-HostMonster server you want to allow sending mail from, this is where you'll add it. It's also where HostMonster's list of approved outgoing servers is included. (include:hostmonster.com)
    • Third-party email marketing tools often require that you update your SPF record to accommodate their servers.
  3. ?all specifies how hosts should regard servers that are not on the list. There are a few modifiers you can use here:
    • -all "Hard Fail" means reject all mail that isn't on the allowed list.
    • ~all "Soft fail" means accept mail not on the allowed list, but treat it with more scrutiny.
    • ?all "Neutral" means accept all mail; there isn't a policy for servers not on the list. This is the default setting.

Rock Accounts

These accounts do not use unifiedlayer.com proxy IPs as the outgoing email server. Instead, Rock accounts use websitewelcome.com proxy IPs as outgoing email server. Since email is not sent from unifiedlayer.com proxy IP's, the SPF record needs to be configured with websitewelcome.com instead of brand-specific URL's. For example:

v=spf1 a mx include:websitewelcome.com ~all

The record is composed of three parts:
  1. v=spf1 identifies the TXT record as an SPF record.
  2. a mx include:websitewelcome.com specifies an approved list of outgoing servers.
    • If you have a non-HostMonster server you want to allow sending mail from, this is where you'll add it. It's also where HostMonster's list of approved outgoing servers is included. (include:websitewelcome.com)
    • Third-party email marketing tools often require that you update your SPF record to accommodate their servers.
  3. ?all specifies how hosts should regard servers that are not on the list. There are a few modifiers you can use here:
    • -all "Hard Fail" means reject all mail that isn't on the allowed list.
    • ~all "Soft fail" means accept mail not on the allowed list, but treat it with more scrutiny.
    • ?all "Neutral" means accept all mail; there isn't a policy for servers not on the list. This is the default setting.

Customizing SPF Records

?all is the default setting since we don't know if you'll be using another email service other than HostMonster with your domain name. For a more in-depth look at SPF syntax and mechanisms, see openspf.org.

If you're using another host to send email for your domain, customize your SPF record by adding additional servers and IPs to the second part of the record. And if you want to make your record more strict to defend the domain from email spoofing, adjust the policy for "all."

For example, if you only use HostMonster to send email from your domain and you want to make the sending policy as strict as possible, we recommend using this SPF record:

v=spf1 a mx ptr include:hostmonster.com -all

This record authorizes your website's server and hostmonster's list of outgoing mail servers to send email. All other outgoing mail servers are unauthorized. To add a new SPF record to your domain name, follow the steps in How to add an SPF Record.


How to add an SPF Record

SPF records are added to your Zone File as TXT records. Keep in mind that, by default HostMonster adds an SPF record to your zone file for each domain; so if you want to add another record, it's best to delete the default one from inside your cPanel.

  1. Log in to your HostMonster control panel
  2. Go to the Domains menu at the top and click the Zone Editor sub menu.
  3. Select your domain name from the drop-down.
  4. If you're removing an existing SPF record, scroll down to find it in the TXT record section to find it and click Delete.
  5. To add a new SPF record, enter this information under Add DNS Record at the top of the Zone Editor:
    • Name: Type your domain name (without the www)
    • TTL: 14400
    • Type: TXT
    • TXT Value: This is where you would paste in your new SPF record.
  6. Click Add Record.

You're done!


Knowledgebase Article 259,931 views bookmark tags: email prevent spf spoof spoofing


Was this resource helpful?

Did this resolve your issue?


Please add any other comments or suggestions about this content:





Recommended Help Content

Sender Policy Framework records, or SPF records are a type of DNS record used to identify which mail servers should be allowed to send email from a certain domain name.
Knowledgebase Article 121,426 views tags: dedicated email prevent spf spoof spoofing vps

Explanation of how to recognize spoof mail and what can be done to prevent it
Knowledgebase Article 323,196 views tags: email spam spoof spoofing

I would like to change my MX Record so I can use a mail server with another provider.
Knowledgebase Article 661,050 views tags: dns email exchanger local mail mx remote routing

Related Help Content

Trying to send out emails from multiple email accounts fail from both webmail and third party email clients. Possible Reasons: The maximum emails per hour has been exceeded. This can be caused by forw
Knowledgebase Article 591,477 views tags: email exceeded mailbox outlook quota receive receiving send sender unable

How to setup an email account in Outlook 2016 for Windows
Knowledgebase Article 382,116 views tags: client email mail outlook setup windows

How to setup an email account in Outlook 2016 for Mac
Knowledgebase Article 232,446 views tags: client email mac mail outlook setup

How to Configure Eudora Pro to Access Email?
Knowledgebase Article 358,946 views tags: config configuration email eudora mail setup

Windows Live Mail combines the ease of use of Outlook Express, with the speed of Windows Live. This tutorial will show you how to setup your email account in Windows Live Mail.
Video "How-to" Tutorial 315,619 views tags: email emailclient mail

What is your Spam and bulk email policy?
Knowledgebase Article 335,632 views tags: email policy

As the registrar, we will assist in the following domain dispute, providing the specific criteria is met. The domain has been moved without the domain owner's consent by means of the password or EPP c
Knowledgebase Article 376,979 views tags: dispute domain epp icann moved owners ownership permission policy proof

How to setup your HostMonster-hosted email address with an email application.
Knowledgebase Article 1,262,388 views tags: application client email mail outlook webmail

This site utilizes JavaScript to function correctly. Looks like it's disabled on your browser. Please enable it for your best experience.

For instructions on enabling JavaScript, click here