SPF and DMARC for email


#1

we are having a lot of our emails go to spam. my hosting company told me we needed to update our SPF and DMARC on cloudflare but i have no idea what i am supposed to be changing.

so this is what they said, any help would be great:

Ok, as far as I can tell the email was blocked at Gmail as it was considered suspicious and believed to be spam. Looking further into the actual domain, I am seeing that it doesn’t appear any DNS authentication is currently set up, such as SPF or DMARC records. I would recommend setting these up, as many times this type of authentication is required by most email hosts.

[Tyler K.] It appears that the DNS for the domain XYZ is currently hosted with CloudFlare, so you would want to set up those records in your account at CloudFlare.

[clark ] so I do not do anything on our server, i just do it with Cloudflare?

[Tyler K.] In this case, yes. You may also want to provide the following link to Google’s sender guidelines to your rep, and may want to review it yourself, as this will help ensure that email delivered to Gmail is not being marked as spam either: https://support.google.com/mail/answer/81126 There are some tips such as how to actually format the emails and the type of content they see as suspicious.

[Tyler K.] Gmail generally does not accept mail due to the SPF and DMARC policy in these cases, however, so I believe that should be the first priority to set up in CloudFlare.

[Tyler K.] you would need to create additional records for SPF and DMARC. For the SPF record, it would be a TXT record for XYZ.com with the contents “v=spf1 +a +mx +ip4:173.247.242.63 -all” and for the DMARC record, it would be a TXT record for _dmarc.XYZ.com which has the contents “v=DMARC1; p=reject; sp=none; rf=afrf; pct=100; ri=86400”

no idea on what I should be doing on this or where to do this in my cloudflare account.


#2

Have a read of this:

https://support.cloudflare.com/hc/en-us/articles/360004385871-Email-authentication-methods


#3

You add the specified records in the DNS tab of your CloudFlare dashboard. E.g. choose TXT record and enter v=spf1 +a +mx +ip4:X.X.X.X -all

One of the posts you copied above appears to specify the content of the records you need.


#4

so at the top where it has the row and the blue button for Add Record:

  • select TXT from the drop down.
  • name: i can name it anything i want?
  • click to configure: i put in “v=spf1 +a +mx +ip4:173.247.242.63 -all” or do i just put in v=spf1 +a +mx +ip4:173.247.242.63 -all
  • leave Automatic TTL as the default drop down?

I then need to do the same for a DMARC record:

  • TXT record
  • where do i state or put in _dmarc.spiritwear.com
  • click to configure box will have v=DMARC1; p=reject; sp=none; rf=afrf; pct=100; ri=86400

thanks for your help. seems to be way over my head.


#5

You need to name it as your domain name - e.g. example.com)

Goes in the name box.


closed #6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.