Guide to WHM DNS set up


Essential DNS Records for Mail Delivery and Spam Protection



Sender Policy Framework (SPF) is an email validation system, designed to prevent unwanted emails spoofing your email address. SPF does this by allowing receiving mail servers to check that incoming mails was sent from a host authorised by that domains administrator, by comparing it with DNS TXT record on mail senders server. Setting up an SPF TXT record on your server prevents spammers from sending messages that appear to come from your email address.
Further info www.openspf.org



DomainKeys Identified Mail (DKIM) attaches a domain name identifier to a message and uses cryptographic techniques to validate authorisation for its presence. DKIM should be considered a method to verify that the messages' content are trustworthy, meaning that they weren't changed from the moment the message left the initial mail server. This additional layer of trust is achieved by an implementation of the standard public/private key signing process.
Further info www.dkim.org



Domain-based Message Authentication, Reporting & Conformance (DMARC) is an email authentication policy that builds on deployed SPF and DKIM protocols. DMARC is designed to protect against direct domain spoofing only. DMARK allows a sender to indicate that their messages are protected by SPF and/or DKIM and tells a receiving server that if neither of those authentication methods passes to reject or treat the message as junk.
Further info www.dmarc.org



(PTR) Pointer or Reverse DNS (rDNS) is a record that resolves an IP address to a fully qualified domain name (FQDN) as an opposite to what an A Record does. PTR records are used to check if the server name is actually associated with the IP address from where the connection was initiated. A PTR record is required to help your server pass security tests when connecting to other main servers.