Spf constantly changing not authentic

I have an issue with emails going to spam, as much as I love cloudflare it seems because I use cloudflare and there must be some abuse through the cloudflare servers. I get issues.

anyway every 2 weeks the mail-tester shows add an ip as it is not authenticated. so far i have added around 4 more times in last couple months.

my question is can I put in the spf 27.124..
instead of continuously adding an ip every few weeks.
current code;

v=spf1 +mx +a +ip4: ip4: ip4: ip4: ip4: ip4: ip4: ip4: ~all

my question;

can i put in the spf 27.124.star.star (asterix) didnt show in the thread

If you’re using Cloudflare in proxy (:orange:) mode then you should drop +a from your record as no SMTP traffic will originate from Cloudflare’s IPs. As Cloudflare is not involved with SMTP traffic there is minimal impact to properly configure e-mail flow whether you use Cloudflare for other services or not.

I would be a bit nervous about listing a massively wide range of IPs. What e-mail provider are you using? In many/most cases they should be able to tell you what to add to your SPF record to cover their outbound servers. You can list IP ranges using CIDR notation, but you first need the actual range of IPs.


Messages from temporarily deferred due
to unexpected volume or user complaints

what does this mean when the email doesnt go through?

That error comes from the receiving server, and essentially means you’ve either sent too much mail from a given IP or users are reporting your mail as spam.

Correctly implementing SPF and DKIM will help providers identify your mail independent of other users in your IP space will help, but you still will bump into receiver limits, especially while new.

1 Like

i will have to contact my isp as every couple months there is a new ip i have to put in the spf so my email wont go to spam

Are you sending from a dynamic IP?

yep my internet ip changes.

are these supposed to be proxied as well? as they are DNS only
A ftp
A mail
A *

Cloudflare only proxies HTTP and HTTPS services, so anything else should not be proxied (:grey:).

Does your MX record point to an A record or AAAA record that you update when your dynamic IP changes?

type / name / content …

A domain ip auto proxied
Mx domain mail.domain.com DNS only

Do you update the mail record?

If so, notice your SPF record includes the MX clause? This takes care of the SPF issue, if your outbound SMTP traffic comes from the server listed as your MX record.

i updated the mail record ip to the last ip in the spf code. i’m hopeful that will work.

The point is more this: How does email get to you?

From a technical standpoint this uses the MC record which points to a host, and the A record of that host points to your mail server.

By including +mx in your SPF record, your SPF record implicitly includes this IP, so for a single-server environment where your mail comes and goes from the same IP, your SPF record does not need to be updated.

But, there are more implicated environments. If you have an external spam filter, or more than one mail server then you may have more complexity.

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.