What settings should I use for my SPF record?

Once you've opened the DNS records editor in your DNS hosting provider's control panel, you will need 3 settings to configure or update an SPF record:

Important: first, check if you already have a TXT record that starts with v=spf1 and if you do, click to Edit it. Only if you don't, click to Add a new record.

DNS record type: TXT

Note: some DNS hosting providers (such as Amazon DNS Hosting) require you to set up SPF record of two types - TXT and SPF, instead of publishing only the TXT record type. In this case, the SPF record type should have the exact same value as the TXT one.

Host name/host/name: @ (this character stands for your domain)

Value:

• If you are only sending emails from UHOST server the value should be:

  v=spf1 include:_spf.uhost.hk ~all

• If you are sending from 3rd party servers as well, the value should include UHOST servers as well as all your 3rd party servers:

  v=spf1 include:_spf.uhost.hk a mx ip4:your_smtp_server_IP include:your_smtp_server_spf_record ~all

There are two main SPF policies you can specify for emails that are coming from IPs not included in the SPF record:

• ~all - If the SPF check fails, the result is a SoftFail. It means you recommend to not reject the email solely on this result but to subject the email to closer scrutiny than normal.
• -all - If the SPF check fails, the result is a HardFail. It means you recommend to reject the email if it's not coming from the IPs specified in the SPF record.

You can check if your SPF value syntax is correct using this online tool.

See this RFC document for full information on SPF syntax.