Use the Authentication interface to secure your mail server more secure and view information about outgoing messages. You can use this feature to verify whether an email was sent from a trusted sender.
(Home >> Email >> Authentication)
cPanel’s Authentication interface allows you to enable or disable Domain Keys Identified Mail (DKIM) and Sender Policy Framework (SPF). These features provide information about incoming mail. The system uses this information to verify that a trusted sender sent the messages.
You may see a warning that the system cannot verify the server as an authoritative nameserver for the specified domain name. If either of the following scenarios is true, ignore the warning:
DKIM verifies the sender and integrity of a message. It allows an email system to prove that spammers did not alter an incoming message while in transit (forgery), and that the messages that your domains receive come from the specified domain.
If you already use the DSO PHP handler and you enable DKIM, emails that you send will not display any information in the
From fields in the email header. As a result, DKIM will show
nobody as the sender. If you use a PHP script, manually add the headers.
The following PHP script adds the missing fields to an email header:
$to = 'firstname.lastname@example.org';
$subject = 'the subject';
$message = 'hello';
$headers = 'From: email@example.com' . "\r\n" .
'Return-Path: firstname.lastname@example.org' . "\r\n" .
'Reply-To: email@example.com' . "\r\n" .
mail($to, $subject, $message, $headers);
SPF attempts to deny spammers the ability to send email while they forge your domain’s name as the sender (spoofing). SPF adds IP addresses to a list of servers that can send mail from your domains. It verifies that messages that your domains send originated from the listed server, which reduces the amount of backscatter that you receive.
Note: Run the
/usr/local/cpanel/bin/spf_installer script to add an SPF record to all of a user's domains' zone files.
You can use the following Advanced Settings options to further configure SPF: