If you have a hosting or Forwarding or Email package with Lowesthosting.com we already create default SPF, DKIM & DMARC records that are preset to correctly send email from our servers so that outbound mail you send will pass most spam checks and has a higher likelihood of being accepted.
SPF (Sender Policy Framework) is a public DNS zone that defines which email servers and/or ip address are authorized to send email. When you send email to a party the recipients mail system will check your SPF dns zone to verify the email they accept is sent from an authorized server to insure the email is not spoofed from a spammer masquerading as you. If that message is sent from a NON authorized server and FAILS SPF the recipients mail server may execute their own policy to drop or reject and bounce the email back to the sender or they may follow the rules defined in your DMARC record.
IMPORTANT if you use a third party system to send email such as mailchimp or a Customer Management system that uses their own mail server or an external webmail system to relay or send email on your behalf then you will need to ask the provider to give you their IP address or mail server hostname. If you are unsure please open a ticket and provide the mail server hostname or ip range or ask them to provide you an updated spf record our support staff will assist you in updating it. If you are technically capable you can do this via your cPanel / Domains / Zone Editor locate the SPF TXT record and append it.
SPF Update zone "record" Examples:
ADDING GOOGLE: DEFAULT: v=spf1 ip4:23.92.71.210 +a +mx +ip4:23.92.71.208/28 ~all MODIFY TO: iv=spf1 ip4:23.92.71.210 +a +mx +ip4:23.92.71.208/28 include:_spf.google.com ~all
ADDING A THIRD PARTY: v=spf1 ip4:23.92.71.226 mx a ip4:23.92.71.224/28 ~all MODIFY TO v=spf1 ip4:23.92.71.226 mx a ip4:23.92.71.224/28 include: ca.spf.tave.com ~all
The proper solution is to Set your SPF properly so it won't fail the SPF checks in the first place and therefore won't rely on the DMARC policy but you can also change your DMARC policy from reject to NONE using the cpanel / domains / zone editor and choosing the NONE option from the drop down and saving the record.
DKIM (DomainKeys Identified Mail), is an email authentication method that uses a digital signature to let the receiver of an email know that the message was sent and authorized by the owner of a domain. Once the receiver determines that an email is signed with a valid DKIM signature it can be confirmed that the email's content has not been modified. In most cases, DKIM signatures are not visible to end-users and exist as a hidden key in your email headers, the validation is done on a server level. If DKIM is used together with DMARC, or SPF you can protect your domain against malicious emails sent from domains impersonating your brand.
DMARC (Domain Message Authentication Reporting) is another public DNS zone that issues your preferred instructions to receiving mail servers how to process email that FAILS the SPF Check.
Lowesthosting sets a default DMARC of reject and you can modify the DMARC zone via your cPanel / Domains / Zone Editor and can be set to :
NONE which means take whatever action they wish or
QUARANTINE which means they retain it and mark as SPAM or
REJECT which means you are requesting they return the email to sender.
DNS can be extremely complex so if you have any questions please open a support ticket and provide the domain and the sending systems mail server or ip range and our staff will add it for you.