Managing SPF, DKIM, and DMARC Records in cPanel for Secure Email Delivery
Managing SPF, DKIM, and DMARC Records in cPanel for Secure Email Delivery
Introduction
Email authentication protocols like SPF, DKIM, and DMARC help verify that emails sent from your domain are legitimate and protect your brand from spoofing and phishing attacks. Managing these DNS records correctly in cPanel improves email deliverability and security.
What Are SPF, DKIM, and DMARC?
- SPF (Sender Policy Framework): Specifies which mail servers are authorized to send emails on behalf of your domain.
- DKIM (DomainKeys Identified Mail): Adds a digital signature to emails, allowing the receiver to verify the message was not altered.
- DMARC (Domain-based Message Authentication, Reporting & Conformance): Builds on SPF and DKIM by specifying how email receivers should handle unauthenticated emails and sends reports to domain owners.
Step 1: Access DNS Zone Editor in cPanel
- Log in to your cPanel account.
- Navigate to the Domains section and click on Zone Editor or DNS Zone Editor.
- Select your domain from the list to manage its DNS records.
Step 2: Add or Manage SPF Record
The SPF record is usually a TXT record in your DNS settings.
- Look for an existing
TXTrecord that starts withv=spf1. If it exists, you may need to update it. - If none exists, click Add Record and select
TXTas the type. - In the Name field, enter your domain (e.g.,
example.com). - In the TXT Data field, enter your SPF rule. Example:
v=spf1 a mx ip4:192.168.0.1 include:spf.protection.outlook.com ~all - Save the record.
Step 3: Enable DKIM in cPanel
- Return to the cPanel main page.
- In the Email section, click Email Deliverability or Authentication.
- Find your domain and check if DKIM is enabled.
- If DKIM is disabled, click the Enable button to generate the necessary DKIM record automatically.
Step 4: Add or Configure DMARC Record
DMARC is also a TXT record. Here’s how to add it:
- Go back to the Zone Editor in cPanel.
- Click Add Record and choose
TXT. - In the Name field, enter
_dmarc.example.com(replaceexample.comwith your domain). - In the TXT Data field, enter your DMARC policy. Example:
v=DMARC1; p=none; rua=mailto:admin@example.com; ruf=mailto:admin@example.com; pct=100 - Save the record.
Note: The
p=none policy means monitor only. Change to p=quarantine or p=reject to enforce stricter handling after monitoring.Verifying Your Records
After adding these records, it’s good practice to verify them using online tools such as:
Troubleshooting Tips
- Changes to DNS records may take up to 24-48 hours to propagate.
- Make sure no duplicate SPF records exist for your domain.
- Use the exact syntax for records; small mistakes can invalidate the records.
Need Help?
If you need further assistance managing your SPF, DKIM, or DMARC records, contact Hiverift Dev Support.
© 2025 Hiverift. All rights reserved.
