Page Affairs

Editing and Web Design

Setting Up SPF Records in Google Apps

Note: this post was written in 2012, so some details may be out of date.

One item that that wasn’t covered there was the setting up of SPF (sender policy framework) records.

Google recommends that you create SPF records for each of your domains. The purpose of this is—

to prevent spammers from sending messages with forged From addresses at your domain. Recipients can refer to the SPF record to determine whether a message purporting to be from your domain comes from an authorized mail server.

So in setting up an SPF record, you will be explicitly identifying Google’s mail servers as the authorized mail servers for your domains.

Updating Your DNS Records

Adding an SPF record to your domain requires you to update the DNS records for your domain. That’s a fancy way of saying that you need to make this SPF information available on the internet.

How you set up DNS records will depend on your web hosting service, so you may have to contact your web host to get details about that. (Google has some general guidelines here.) If you are using CPanel, you can implement the following steps.

For each domain that you have associated with your Apps account, log in to your CPanel account and choose the “Advanced DNS Zone Editor” option.

Advanced DNS Zone Editor

You’ll then see a small form something like this:

SPF record form

Into the “Name” field, paste your domain name, followed by a dot. E.g. mysite.com..

In the “TTL” (meaning “time to live”) field, you can basically type any number, but a common one to use is “14400”. (This just tells computers around the world how long—that is, how many seconds—to store this information before checking that it is still current.)

From the drop down list, choose “TXT”.

Into the “Address” field, paste v=spf1 include:_spf.google.com ~all.

You will end up with something like this:

a completed text record

Now click the “Add Record” button, and you’re done! You have now added an SPF record for your domain.

Other Possibilities

Another way to prevent spammers from sending emails from your address is by setting DKIM authentication—a slightly more involved process, though quite similar to this one.

© Page Affairs, 2008–2018