Email Authentication to Prevent Spoofing (SPF & DKIM)

Unfortunately it's often the case that spammers will use real addresses when they send out spam, this could very easily be your email address and despite the fact that you didn't send it and it's never been anywhere near our servers, you receive the delivery failures and bouncebacks (known as backscatter)... Very annoying!

We can't stop the spammers sending the emails, but what we can do is tell the email servers around the world that the spammers weren't authorised to send those emails (most good mailservers will check, but there's a lot of badly configured mailservers out there as well which will still trigger backscatter).

  • Login to your cPanel
  • Go to Mail -> Email Authentication


DKIM helps verify the sender and integrity of a message. It allows an email system to prove that a message was not altered during transit (meaning it is not forged), and that the message came from the specified domain.

  • To use DKIM, click Enable.
  • To disable DKIM, click Disable.

This function attempts to prevent spammers from sending email while forging your domain’s name as the sender (spoofing). This authentication function works by adding IP addresses to a list, specifying computers that are authorized to send mail from your domain(s). It verifies that messages sent from your domain(s) are coming from the listed server, reducing the amount of backscatter you receive.

  • To use SPF, click Enable.
  • To disable SPF, click Disable.
For advanced options please review the cPanel Documentation. You'll need to add some advanced options if you use third party mailing list software (like Mailchimp or CampaignMonitor) or a shopping cart that isn't on our servers.
  • 0 Users Found This Useful
Was this answer helpful?

Related Articles

Email quota reports 0MB used, but account is over quota

If your email account is reporting that you are over quota, but cPanel says you have used 0MB...

AJAX Failure errors in the email section of cPanel

In a recent update to cPanel, AJAX scripting was implemented to make menus "slide" and "expand",...

Retaining old email

We don't retain all your old email by default at the moment (there may be a solution coming soon...

Cannot send email (but can receive)

  For a long while we've encouraged all users to use SMTP Authentication whilst sending...

Email fails intermittently

If your email service appears to be intermittent (and eventually stops altogether) then your...