Spam is still a big disappointment for email users. There’s always a need to prevent unwanted messages and keep mailboxes clean.

However, we are still unable to properly eliminate spam messages. But, settings like SPF or “Sender Policy Framework” help greatly to avoid email spam.

That’s why, we often get requests from customers to enable Plesk SPF spam protection as part of our Technical Support Services.

Today, we’ll see how our Support Engineers help our Plesk customers to solve the problem.

What is SPF spam protection?

Let’s understand what is  SPF Spam Protection.

Sender Policy Framework is an email authentication protocol that allows the authentication of a domain. The authentication, therefore, specifies which mail servers can send mail from the domain​. The main benefit of the SPF record is that it blocks spammers from sending emails from the domains.

A domain protected by SPF is less appealing to phishers. Because it ensures the delivery of only legitimate emails from the domain.  Again, it reduces the possibility of a domain blacklisted by spam filters too.

How do we enable SPF on a domain?

Most email services provide simple SPF configuration instructions and then handle the hard part of it.

Web Hosting Control Panels like Plesk have a simple method of enabling SPF in the Web Hosting Server for email authentication.

Now, let’s take a look at how our Support Engineers enabled SPF on a domain using Plesk control panel.

1. Initially, we logged into Plesk and clicked on the Domains on the left panel.
2. Then we clicked on the Open in Control Panel option for the relevant domain name.
3. Again, we clicked on the Website & Domains > DNS Settings and selected Add Record icon.
4. We selected TXT as a Record Type and left the Domain name field blank.
5. Also, we entered the generated SPF record (i.e v=spf1 a mx ~all ) in the TXT record field.
6. Applied the SPF record to the DNS zone and press “Update button“
7. Then we enabled domain keys by clicked on “Mail Settings“
8. After that, we clicked on Domain name.
9. Finally, we enabled the checkbox “Use DomainKeys spam protection system” to sign outgoing email messages.
10. Clicked Ok.

That helped us to enable SPF for a domain using Plesk.

Top 3 reasons and fixes for “SPF Protection” related issues in Plesk

The steps for enabling SPF protection looks pretty easy. But, from our experience in managing servers, we often see customers having different issues with Plesk SPF spam protection.

1. Existing SPF TXT

The most casual mistake while setting up SPF is having multiple TXT entries for SPF in domain’s DNS. Then, the receiving server will be confused to pick up the domain’s correct SPF TXT entry. Hence, this could result in valid servers failing SPF.

Firstly, we make sure that the domain do not have an existing SPF TXT entry. After that, we add SPF TXT entry correctly.

2. Server Spam Protection Settings

If you have an SPF TXT entry, then you have to add the service on Plesk server too. Only after enabling SPF protection service on the server, the Plesk SPF spam protection can function properly.

So, our Support Engineers always make it a point to turn on SPF protection by using  Tools & Settings > Server-Wide Mail Settings and configured it.

3. Missing SPF Record

Similarly, missing SPF records, or bad settings in Plesk SPF spam protection can also cause trouble and SPF can fail. In all cases, we double check that the domain has a valid SPF TXT entry.

On finding mistakes, we configure DNS SPF record properly.

How we fixed “SPF Protection” for a Plesk customer

Let’s see how our Support Engineers solved SPF Protection related issues in Plesk.

Recently, one of our customers contacted us with an issue regarding “Email spoofing”. The customer claimed the problem as “they received spam and emails from their own email address or even from addresses that don’t even exist“. Also, he said that the domain had proper SPF records set, allowing only certain IP’s and hosts.

Then, our Support Engineers took the following steps to troubleshoot the issue.

1. Firstly, we checked the logs at “/usr/local/psa/var/log/maillog”. There we saw the errors like,

/usr/lib64/plesk-9.0/psa-pc-remote[16671]: Unable to get sender domain by sender mailname
spf filter[18496]: Error code: (2) Could not find a valid SPF record
spf filter[18496]: Failed to query MAIL-FROM: No DNS data for 'mta.example.com'.

It clearly showed problems with SPF records.

2. In addition, we double checked that the domain’s DNS SPF record is valid:- go to Domains > example.com > DNS Settings and add TXT record.

Then, we saw that the domain’s SPF TXT was configured mistakenly. Furthermore, our Support Engineers corrected the issue by setting  SPF TXT properly.

3. Additionally, we turned on SPF protection on the server by using Tools & Settings > Server-Wide Mail Settings and configured it.

[Have trouble while enabling Plesk SPF spam protection? We can fix it for you.]

Conclusion

In short, “Plesk SPF spam protection” is an email authentication system designed to prohibit email spoofing. Today, we saw how our Support Engineers enabled “Plesk SPF spam protection” and fixed the related problems.