ubshreenath Posted July 30, 2014 Report Share Posted July 30, 2014 I was receiving a lot of Bounce replies for mails I never sent. I know what email forging is and how easy it is to do it. But when it started to become very frequent off late, I wanted to find out if I had any options to secure my outgoing email. Looks like there was something hidden and sitting in my cPanel. I enabled the SPF feature in Email Authentication. It displayed me a SPF record. I checked my DNS records for my domain and I saw that the SPF entry was already made in the DNS Zone file. However, I use Gmail's Send Mail As feature to send outgoing email from my domain. I do send mail using my own domain's SMTP servers (xxxx.supporteddns.com) and not using Gmail's SMTP servers. I would like to allow this and make sure that the SPF record generated above includes / or is applicable to mail being sent from my Gmail through my MDDHosting SMTP servers. Now is there anything I need to do in this situation? Or will Gmail automatically be allowed to send email without getting flagged as Spam? Do I need to include gmail's MX / A / Domain name in the SPF configuration screen on cPanel to ensure this works correctly? Quote Link to comment Share on other sites More sharing options...
ubshreenath Posted July 30, 2014 Author Report Share Posted July 30, 2014 Update: I believe I have found the answer. Posting here for anyone else who needs to do the same: In my case, since I am using MDDHosting's SMTP servers to send mail while sending them from the Gmail UI, I don't need to configure Google's SPF domain name in my SPF record config. However, on the Email Authentication page in cPanel, I had to add the IP block for the outbound smtp server that MDD uses. In my case it was 173.248.187.103 (outbound.mail.supportedns.com). Once I did this, to confirm it was working, I sent and email from domain's email to my gmail ID and looked at the Message Headers (Show Original). There you should see something like this: Authentication-Results: mx.google.com;spf=pass (google.com: domain of myemail@mydomain.com designates 173.248.187.103 as permitted sender) smtp.mail=myemail@mydomain.com. In case you do send mail from Gmail and use Gmail's SMTP servers instead to forward emails (in my opinion, you shouldn't do this if you want to look professional to your clients), this link describes what you need to do with your SPF record: https://support.google.com/a/answer/178723 To be extremely reserved, you can modify the SPF record to end with -all instead of ~all. Do this only if you understand the consequences. Hope this helps. Quote Link to comment Share on other sites More sharing options...
linkiepoo Posted July 30, 2014 Report Share Posted July 30, 2014 Thank you for this, will add this to my domain. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.