Help Center

Using an SPF Record to Prevent Spam

Especially for a business, it is important to prevent the sending of spam using your email addresses. An effective protection against abusive email sending is an SPF record that you can add to your domain at IONOS.

SPF (Sender Policy Framework) is a spam protection method based on the authorization of the email sender. The SPF record is simply additional information in the DNS settings of your domain that defines which mail servers are authorized to send emails. With the help of the SPF record you set, it could state, for example, that only IONOS mail servers are authorized to send emails from your domain. Any attempt to send email from another mail server will either fail or result in these emails being classified as suspicious and moved to spam folders.

Notes

  • You can only create a single SPF record. For example, if you use a service such as Mailjet, you will need to add entries to the existing SPF record.

  • An SPF record is automatically created for the following services:

    • Microsoft 365

    • Gmail

    • Google Workspace or Gsuite

    • Mailjet

    • Zoho Mail

    • AWeber Email Authentication for Optin.com

    • Email Service in Plesk

To add entries to an SPF record that was automatically created for one of these services, you simply need to delete it and then create it again.

Configuring an SPF Record

You can configure an existing SPF (TXT) record in the DNS settings of your domain right in your IONOS account.

  • Log in to your IONOS account.

  • Click on the Domains & SSL tile.

  • For the desired domain, under Actions, click on the gear icon and select DNS.

    You will go to an overview of the DNS records available for your domain. SPF records can be recognized by their type SPF (TXT).

  • Click on the pencil icon under Actions for the SPF record you want to edit.

  • Add the required entries in the Value field. Make sure that the existing entries are not deleted.

Please Note

If you also want to authorize another mail server to send email, add the following entry:

include:DOMAIN-NAME

Replace the DOMAIN-NAME placeholder with the domain whose servers are allowed to send emails on your behalf. You can get the correct information from the administrator/support of the service provider.

If you only have an IPv4 address for the mail server, add the following entry:

+ip4:IPv4_ADDRESS_OF_THE_MAILSERVERS

Replace the IPv4_ADDRESS_OF_THE_MAILSERVERS placeholder with the IPv4 of the mail server you want to use.

  • Click Save.

Creating an SPF record

If no SPF record exists for your domain yet and you want to use the IONOS mail servers, follow these steps to create one:

  • Log in to your IONOS account.

  • Click on the Domains & SSL tile.

  • For the desired domain, under Actions, click the gear icon and select DNS.

  • Click ADD RECORD and select SPF (TXT) under Type.

  • In the Host Name field, enter the desired host, for example, www or @. The @ character is used as a wildcard in this case and causes the setting to apply to the domain and all subdomains. If you do not know what to enter, you can also leave the field empty. The SPF record then applies to the entire domain, including the subdomains.

  • In the Value field, enter the statement for authorizing the IONOS mail servers. You can choose between the Softfail and Hardfail settings.

    If you want to use the Softfail setting, add the following:
    v=spf1 include:_spf.perfora.net include:_spf.kundenserver.de ~all

    If you want to use the Hardfail setting instead, enter the following:
    v=spf1 include:_spf.perfora.net include:_spf.kundenserver.de -all

Please Note

If you also want to authorize another mail server to send email, add the following entry:

include:DOMAIN-NAME

Replace the DOMAIN-NAME placeholder with the domain whose servers are allowed to send emails on your behalf. You can get the correct information from the administrator/support of the service provider.

If you only have an IPv4 address for the mail server, add the following entry:

+ip4:IPv4_ADDRESS_OF_THE_MAILSERVERS

Replace the IPv4_ADDRESS_OF_THE_MAILSERVERS placeholder with the IPv4 of the mail server you want to use.

Example:

To use the SPF record for Mailjet as well, the rule include:spf.mailjet.com must be added. In this case, the value field contains the following:

v=spf1 include:_spf.perfora.net include:_spf.kundenserver.de include:spf.mailjet.com ~all

With the Softfail and Hardfail settings, you can controlhow the recipient's mail server handles the receipt of unauthorized emails.

With Softfail, all emails are delivered to the recipient. However, all emails that do not originate from IONOS mail servers are automatically moved to the recipient's spam folder as suspicious emails. The softfail entry contains an ~all command at the end.

With hardfail, the recipient will only receive emails sent from IONOS mail servers. All emails from other mail servers will not be delivered. The hardfail entry contains an -all command at the end.

Note

We recommend using the Softfail setting.

  • Optional: Select the desired TTL.
    By default, your settings are active immediately.
  • Click Save.

Your changes are effective immediately at IONOS. It can take up to an hour for the change to be updated worldwide due to the decentralized structure of the Domain Name System.

Log In and Set SPF RecordSet SPF Record

Content