Add an SPF record

Overview

This article describes the default DreamHost SPF record and how you can adjust it.

If you are not using DreamHost nameservers, you must set up the SPF records with the current mail DNS provider instead.

Do I need to add SPF manually?

If you're using Google Workspace, you cannot update the SPF record. The field remains uneditable.

DreamHost automatically adds DreamHost's SPF records to your site. You only need to manually add an SPF record if you are also sending email through a third party. For example, you could also send mail through Google or Mailchimp. If you are sending email through services such as those AND also sending email from DreamHost, you'll need to add a custom SPF record that contains both mail servers.

View the following article for further details:

Adding an SPF record

You can only have a single SPF record. If you need to send from multiple servers, make sure to combine them all within the same SPF record.

The following example assumes you're sending email from Google and DreamHost, where the custom Google record AND DreamHost's SPF are added.

v=spf1 mx include:netblocks.dreamhost.com include:relay.mailchannels.net include:_spf.google.com -all
  1. Navigate to the Manage Websites page.
  2. Open the DNS Settings page:
    DNS Settings
    • If in Grid view, click the 'vertical 3 dots' button under your domain. From the popout menu, click the DNS Settings link.
    • If in List view, click the 'vertical 3 dots' button to the right of your domain. From the popout menu, click the DNS Settings link.
      The domain's DNS records display.
  3. Click the Add Record button.
  4. Hover over the TXT Record section and click the ADD link.
  5. Enter the following:
    • Host: This field can be anything. Very often it’s left blank.
    • TXT Value *: Enter the SPF record value of this record to point to.

      You do not need to add the domain name in the Host field.

  6. Click the Add Record button to save.

Allow up to 6 hours for the DNS record to propagate after you save the record.

  • Keep in mind that SPF treats subdomains (such as sub.example.com) separately, thus you may wish to specify SPF records both for example.com and any hosts such as yourhost.example.com. See SPF subdomain FAQ for more information.
  • Wildcard for TXT records are not supported by DreamHost. This is generally discouraged as well as stated in the following article: RFC 4408 §3.1.5.

Editing an SPF record

You cannot edit DreamHost DNS-email SPF records (shown without a pencil icon next to it), which are added by default. If you need to edit a DreamHost DNS-email SPF record, you should instead add a new one (described in the previous section).

To edit an SPF record:

  1. Navigate to the Manage Websites page.
  2. Open the DNS Settings page:
    DNS Settings
    • If in Grid view, click the 'vertical 3 dots' button under your domain. From the popout menu, click the DNS Settings link.
    • If in List view, click the 'vertical 3 dots' button to the right of your domain. From the popout menu, click the DNS Settings link.
      The domain's DNS records display.
    panel-websites-edit-spf-records-01.png
  3. Scroll down to a TXT record and click the pencil icon on the right.
    panel-websites-edit-spf-records-02.png
  4. Edit the TXT Value box to adjust the SPF value and then click the Save button when finished.

Advanced SPF

An advanced SPF record includes more than just the default mail servers: it also has information on all other servers that send mail for the domain. The following is an example of an advanced SPF record:

v=spf1 ip4:321.321.321.321 include:_spf.google.com include:shaw.ca mx ~all
Tag Description
v=spf1
Identifies this DNS record as an SPF version 1 record.
ip4:321.321.321.321
IP address of a specific server, such as your web server for scripts that send mail directly from that server. You can get your web server IP from the Manage Websites page. View the DNS article for further details.
include:_spf.google.com
Includes all of the SPF records from Google, which in this example is where the domain's mail service is hosted.
include:shaw.ca
Includes all the SPF records for Shaw Cable in Canada, an ISP. In this example, mail from the domain is sometimes sent through the ISP's SMTP server.
mx
Includes all of the MX servers the domain uses, listed in the domain's MX DNS records.
-all
Says all other servers are not authorized, and only mail sent from the listed servers will 'pass'.

?all (question mark), -all (dash), or ~all (tilde)

The symbol before "all" indicates how strict the SPF record is enforced.

  • ?, question mark, makes the whole record inactive, as though the domain had no SPF record at all.
  • -, dash, makes the record strict, and any mail from servers not listed will be marked "fail" and may be marked as spam or rejected entirely.
  • ~, tilde, is between the other two options in strictness. Any mail from servers not listed will be marked "softfail". While intended for testing, it is recommended to be used to avoid delivery issues as noted in this article.

The following table shows SPF information for various mail providers that are in popular use:

Provider SPF Information
Campaign Monitor
include:cmail1.com
Constant Contact
include:spf.constantcontact.com
Freshbooks
include:_spf.freshbooks.com
Google
include:_spf.google.com
Hostgator
include:websitewelcome.com
MailChimp
include:servers.mcsv.net
Microsoft/Hotmail
N/A (uses SenderID)
Shaw Communications Ltd.
include:shaw.ca
Telus
include:telus.net

See also

Did this article answer your questions?

Article last updated PST.

Still not finding what you're looking for?