×
×

Email Authentication

cPanel’s email authentication features provide information about outgoing messages. This helps the server that receives the messages verify that the email comes from a trusted sender.

Set up DKIM

DKIM helps to verify the sender and integrity of a message. It allows an email system to prove that a message was not altered while in transit (which means that it is not forged), and that the message came from the specified domain.

  • To use DKIM, click Enable.
  • To disable DKIM, click Disable.

Note: If a warning displays that claims that cPanel is unable to verify that the server is an authoritative nameserver for the specified domain name and either of the following scenarios is true, ignore the warning.

  • The server has been changed to be the authoritative DNS server for the domain name, but the change has not yet propagated.
  • The server does not view itself as the authoritative DNS server, but outside servers do view it as authoritative.

Set Up SPF

This function attempts to deny spammers the ability to send email while they forge your domain’s name as the sender (spoofing). This authentication function adds IP addresses to a list that specifies computers that are authorized to send mail from your domain(s). It verifies that messages that are sent from your domain(s) come from the listed server, which will reduce the amount of backscatter you receive.

  • To use SPF, click Enable.
  • To disable SPF, click Disable.

Note: If a warning displays that claims that cPanel is unable to verify that the server is an authoritative nameserver for the specified domain name and either of the following scenarios is true, ignore the warning.

  • The server has been changed to be the authoritative DNS server for the domain name, but the change has not yet propagated.
  • The server does not view itself as the authoritative DNS server, but outside servers do view it as authoritative.

Advanced Settings

This section includes the following ways to configure SPF authentication:

  • Additional Hosts that send mail for your domains (A): The additional hosts specified here are automatically approved to send mail from your domain(s). You may add and remove hosts with the appropriate buttons.
  • Additional MX servers for your domains (MX): MX entries specified here are able to send mail from your domain(s).
  • Additional Ip blocks for your domains (IP4): IP addresses that are approved to send mail from your domain(s). Your server's main IP address is automatically included in this list. If you add IP addresses, you must use CIDR notation. (For example, 123.45.6.7/32)
  • Include List (INCLUDE): This feature allows you to specify additional hosts to include in your SPF settings. This is useful when you send mail with another service.
  • All Entry (ALL): If you enable this option, the SPF feature causes hosts that are not defined in the above lists to fail. If you disable this option, the SPF feature will not cause undefined hosts to automatically fail; instead, undefined hosts will be marked as Neutral. When a server receives mail from a neutral host, the server will act as if SPF was not enabled. After you have tested the entries in the above lists and confirmed that they are correct, you should enable this feature.
  • Overwrite Existing Entries: If you select this option, the system will overwrite existing SPF entries.

Click Update to save your changes.