SE Conspiracy

Before we setup the SPF record, let’s modify the default email (catch-all) address to :fail: or discard. Log in to cpanel for the domain and click on ‘Default Address’, configure it so that it looks like the following (substitute your domain and put whatever message you want):

Now let’s setup SPF.

First, go to the SPF setup wizard (open site in new window)

Then, Connect via SSH and perform the following steps manually:

> pico /etc/named.conf
*if pico doesn’t work, try edit

Find the line containing your domain and note the location of the zone file. Edit the zone file and add a line such as (last line in screenshot above):

domain.tld. 14400 IN SPF “v=spf1 a mx -all”

*Notice the period after the domain and tld. Here’s a screenshot of what my record looks like after adding the TXT record:

Command to check SPF record from SSH:
> dig -t TXT domain.tld +short

If you don’t have SSH or if you feel more comfortable using WHM/cPanel, here’s how it should go:

Log into WHM, click on ‘Edit DNS Zone’ and choose your zone. Click ‘Edit’

You should add an entry that looks like this:

Restart BIND and you should be all set!

Restart BIND via SSH with:
> service named restart

Alternatively, you can use WHM’s restart BIND option.