- Correct SPF Record for Hosticko Hosting (Best Setup + Examples)
- Table of Contents
- What is an SPF record?
- Correct SPF record for Hosticko hosting
- How to find your server IP (needed for SPF)
- Where to add the SPF record (DNS location)
- If you already have an SPF record
- If you send email via Google/Microsoft/Mailchimp
- How to verify SPF is working
- Common SPF mistakes (that cause Rank Math-level headaches later)
- Related Hosticko guides
- FAQs
Correct SPF Record for Hosticko Hosting (Best Setup + Examples) #
Correct SPF record setup is one of the fastest ways to improve email deliverability and stop spoofed emails using your domain.
SPF (Sender Policy Framework) is published as a DNS TXT record and tells other mail servers which hosts are allowed to send email for your domain.
If you want Hosticko to confirm the exact SPF value for your server/domain, submit a ticket:
Hosticko Support
What is an SPF record? #
An SPF record is a DNS policy that authorizes specific servers or services to send email on behalf of your domain.
Receiving mail servers check SPF during delivery to decide whether the sending server is allowed. SPF is standardized in RFC 7208.
Correct SPF record for Hosticko hosting #
The safest “base” SPF format for a typical hosting mailbox is:
v=spf1 a mx ip4:YOUR_SERVER_IP -allWhat this means:
- v=spf1 — SPF version identifier.
- a — allows the server(s) listed in your domain’s A record to send mail.
- mx — allows the server(s) listed in your MX records to send mail.
- ip4:YOUR_SERVER_IP — explicitly allows your Hosticko server IP to send mail.
- -all — hard-fails any server not listed above (strongest policy).
Some providers add an additional include: entry when mail is routed through a relay or filtering service.
Example patterns often look like: v=spf1 a mx ip4:your_server_ip include:some-spf-domain -all.
How to find your server IP (needed for SPF) #
You can get the correct server IP in one of these ways:
- Hosticko welcome email (usually includes the main server IPv4 address).
- cPanel → often shown in the sidebar/server information area.
- cPanel Email Deliverability can auto-suggest SPF and DKIM values for your domain, and lets you customize includes/IP blocks.
Where to add the SPF record (DNS location) #
SPF must be added where your domain’s DNS is hosted. That could be:
- Your domain registrar’s DNS panel (Namecheap, GoDaddy, etc.)
- Cloudflare DNS
- Hosticko/cPanel DNS (if your nameservers point to Hosticko)
Add SPF in cPanel Zone Editor (most common on hosting DNS) #
- Log in to cPanel.
- Open Zone Editor.
- Select your domain and choose Add Record (TXT).
- Set:
- Name/Host:
@(or your root domain) - Type: TXT
- Value: your SPF string (example shown below)
- Name/Host:
- Save the record and allow DNS propagation time.
Example (replace with your real IP):
@ 14400 IN TXT "v=spf1 a mx ip4:203.0.113.10 -all"If you already have an SPF record #
If there’s already an SPF TXT record on your domain, do not create a second one. A domain should have
one SPF record (multiple SPF records can cause failures or unpredictable results).
Instead, merge your Hosticko authorization into the existing record by adding the needed part
(like ip4:YOUR_SERVER_IP or a required include:) before the final all mechanism,
because all is meant to be last.
If your current SPF ends with ~all or -all, always insert new items before that ending.
If you send email via Google/Microsoft/Mailchimp #
If you send mail using third-party services (Google Workspace, Microsoft 365, Mailchimp, etc.), your SPF must also authorize them.
The usual method is adding an include: entry for that provider. cPanel’s Email Deliverability tool supports adding “include” domains
and extra IP blocks safely.
Example pattern (don’t copy blindly – provider values differ):
v=spf1 a mx ip4:YOUR_SERVER_IP include:PROVIDER_SPF_DOMAIN -allFor example, Google Workspace documentation explains SPF and how to publish it for your domain. (Use the SPF value provided by your actual provider.)
Google Workspace: SPF setup guidance
If you’re unsure which services are sending mail for your domain (website forms, CRM, newsletters, etc.), tell Hosticko Support and we’ll help you build one clean SPF record.
How to verify SPF is working #
- In cPanel → Email Deliverability, check the status for SPF. It helps identify missing/invalid policies and suggests fixes.
- Send a test email to a mailbox you control (like Gmail), then check the message headers for SPF results.
(Headers often show “spf=pass” / “spf=fail”.)
Common SPF mistakes (that cause Rank Math-level headaches later) #
- Having two SPF TXT records for the same domain (merge them into one).
- Putting new mechanisms after
-allor~all(they won’t work becauseallshould be last). - Forgetting website/CRM senders (your site forms may send mail, which needs to be authorized).
- Overloading SPF with too many DNS lookups via many includes.
SPF has evaluation/lookup constraints in the standard, keep it clean and minimal. - Using a softfail forever (
~all) when you actually want strict enforcement (-all).
FAQs #
Should I use -all or ~all? #
Use -all if you’re confident you’ve authorized every real sender (Hosticko server + any third-party services).
Use ~all temporarily while testing, then move to -all for stronger protection.
Can I have more than one SPF record? #
No, publish one SPF TXT record per domain. If you have multiple, merge them into a single record.
Do I need SPF if I already have DKIM/DMARC? #
Yes, SPF is one layer of email authentication. DKIM and DMARC complement SPF rather than replace it.
I updated SPF but it’s still failing. Why? #
Common reasons: DNS is managed somewhere else (wrong panel), propagation delay, multiple SPF records exist, or a sender isn’t included.
Submit your current DNS record and your sending method to Hosticko Support for a quick fix.
