bearbear

Just read about one interesting article about install spf records oon a cpanel server

simple SPF syntax: domain.com. 14400 IN TXT “v=spf1 a mx -all”

Definition:
* v=spf1: using spf version 1
* for domain “domain.com” the fallowing IP’s are allowed to send email: the A record IP and the MX record IP’s.
* “-all” – no other IP’s are allowed to send emails

By default, we can log in to the WHM > Edit DNS Zone to add the SPF record. But, if we have 100000 domain need to have SPF setting, how to solve?

Let's try this:
cPanel has built a script: /usr/local/cpanel/bin/spf_installer to install a SPF record for a given cPanel user

But as read, the script is still under Beta version, so it will have some bug, it will only work with your subdomains, addon or parked domains.

This is because, the above script is trying to add to the DNS zone a record like this:

    domain.com 14400 IN TXT “v=spf1 a mx -all”

The correct syntax would be:

    domain.com. 14400 IN TXT “v=spf1 a mx -all”

What is the difference between the two syntax ? The first ones is missing the dot(.)

Anyway, there is a solution to solve this:
1.Login as root on the server using ssh
2.We have to edit SPF.pm source file

    nano /usr/local/cpanel/Cpanel/SPF.pm

3.Locate the fallowing lines (should be at the end of the file)

    foreach my $domain (@DOMAINS) {
    push @installlist , { match => ‘v=spf’,
    domain => $domain,
    record => $domain,
    value => ‘v=spf1 a mx ?all’ };
    }

4.Replace this with:

    foreach my $domain (@DOMAINS) {
    push @installlist , { match => ‘v=spf’,
    domain => $domain.”.”,
    record => $domain.”.”,
    value => ‘v=spf1 a mx ?all’ };
    }

5.Now let’s test to see if it works. Run the fallowing

    /usr/local/cpanel/bin/spf_installer USERNAME

Where USERNAME is the cPanel username.
Now check to see if the zone file has a SPF record.

Lastly, run as root the fallowing in order to install for all the hosted domain:

    for i in `ls /var/cpanel/users` ;do /usr/local/cpanel/bin/spf_installer $i ;done
~End~

Nowadays, cpanel have the setting: Blacklist: SPF Checking at exim Configuration, but somehow as tested, it seem cant work. It didn't any blocking on sending or receiving for the domain that has SPF enable. And when trying to save the exim configuration file, it seem that it still under experimental.

Common issue on SPF: forwarding issue, Solution: Implementing SRS: http://wiki.exim.org/SRS