1. Knowledge Base
  2. >
  3. Results
  4. >
  5. Problems with Spoof, SPF

Problems with Spoof, SPF

What is Email Spoofing?

Email spoofing is when the email header's From line is modified to something other than the original sender. A common sign that your email address is spoofing is getting tons of spam return messages (like Failure Notification or Mailer Daemon) for emails you never sent.

One of the features of a standard SMTP server is modifying the email header to be from any address. This is a convenient built-in, so the address is easy to read (like snappy@example.com). This feature is often exploited by spammers trying to mask where they are sending from.

How Do I Stop Someone From Spoofing My Domain?

Unfortunately, it will not be possible to stop someone from using your email address as the from address. This is because the address on an email works similarly to a physically mailed letter or package. You can physically put any address on a letter sent via the U.S. Postal Service. The post office does not even check if the return address is real. It is similar to email.

There are methods to help alleviate the issue that will be discussed below.

What Happens When an Email is Spoofed?

When emails are set to be from an email address on your domain and bounce, they are sent to our servers, attempting to deliver themselves to that mailbox. Generally, you will never see these emails; however, if the email spoofer happens to configure the From header to be a real email box, the bounce will come back to your mailbox, and you will receive the email.

Luckily spam filters and ISPs know that and do not penalize people based on the from address. They instead use IP addresses and other indicators to decide who to ban. So unless the spam is coming from your email account, server, or hosting account, you would not be penalized for someone spoofing your email address. Individual users can still filter or block your email address, but modern spam filters do not work that way.

These email spoofers are tracked down from the server that is used to authenticate from originally. That server gets reported to ISPs and Email Realtime Blacklists (RBLs), and the spoofing emails stop.

How to Resolve the Email Spoofing

To resolve email spoofing, there are two methods, creating a catchall or an SPF record. The catchall (Default Address) can resolve the issue only on a short-term basis and is not recommended to be used otherwise. Creating an SPF record would be best for a long-term solution as the DNS would catch unverified users trying to send an email for your domain and prevent it from being sent out.

Partial Solution

If you have Default Address enabled, you can set every catchall to fail: no such address here. This will stop you from getting the bounceback, but the real problem may not be solved.

If you do not have Default Address enabled, you will not need to worry about making this adjustment since our system is automatically set to return messages with the: fail no such address here response.

Full Solution

You will need to create an SPF record to resolve the issue fully. An SPF record is an entry added to the DNS zone for a domain. This record verifies that a user has permission to send mail from a domain, preventing email from being spoofed for your domain.

Note: HostGator automatically creates an SPF record for all Shared and Reseller accounts. You can check the existence of your SPF record at nwtools.com by selecting the DNS Records search and submitting your domain name. Then look for a TXT record with v=spf1 ... as the value.

How to Create an SPF Record in cPanel

Creating an SPF record will verify that a user has permission to send mail from a domain. This is used to prevent email spoofing for your domain. There are several methods for having this record created regardless of if you are using cPanel or WHM.

Please note that SPF records only work if your mail service authenticates outgoing emails. This also means that anyone who uses a mail server that does not respect SPF records will be able to send spoof emails. The SPF record is widely used by popular hosting and email companies such as HostGator, Google/Gmail, Yahoo, Hotmail, etc.
Automatic SPF Record Creation

This is the easiest method for creating an SPF record in cPanel. It will also show whether or not an SPF record is already in place or not.

  1. Log in to cPanel.
  2. In the Email section, click the Email Deliverability icon.

    HostGator cPanel Email Deliverability

  3. Check the Email Deliverability Status.
    »if it says Valid, then DKIM & SPF are Enabled.HostGator cPanel Email Deliverability Valid
    »if it says Problems Exist (DKIM and SPF) or Problems Exist (DKIM), click Repair. Select Generate Local DKIM Key and click Repair to save the changes.

    HostGator cPanel Email Deliverability Repair

Your SPF record will then be generated and added to the domains listed in your cPanel.

Manual SPF Record Creation

This method is intended for users who want to ensure that the SPF record is tailored to their preferences.

  1. Log in to cPanel.
  2. In the Domains section, click the Zone Editor icon. (If you do not have this icon, you cannot create this record in cPanel. Please contact us via phone or Live Chat to request this icon.)

    HostGator Zone Editor

  3. Click Manage to view the domain's complete set of DNS records.

    HostGator Zone Editor Manage

  4. Click the +Add Record button. Select Add "TXT" Record.

    HostGator Zone Editor Add Record

  5. Enter the following information:
    • Name: type your domain name (without the www)
    • TTL: 14400
    • Address: create this special code or use an SPF wizard to generate the code
  6. Click Add Record.
How to Create an SPF Record in WHM

WHM users can create SPF records using the instructions listed below for current cPanels or domains. If an SPF record is needed for a new cPanel, WHM users can also choose to enable the SPF record while creating the cPanel by checking the Enable SPF option.

  1. Log in to WHM.
  2. Under DNS Functions in the left-side panel, click DNS Zone Manager.
  3. Select the desired domain name from the list and click Manage.
  4. Click Add Record and then select Add "TXT" Record
  5. Enter the following information:
    • In the first blank: type your domain name (without the www), then add an extra dot at the end (for example, HostGator.com. It is extremely important to include a trailing dot at the end of your domain, or you may break your DNS.)
    • Do NOT change the 14400 part.
    • From the Select dropdown menu, choose TXT.
    • Create this special code in the Text Information box or use an SPF wizard to generate the code.
  6. Click Save Record to save the changes.