These instructions explain how to improve Email Deliverability on your cPanel hosting account. The Email Deliverability page includes several features designed to enhance email authentication, helping email systems verify genuine emails, prevent email spoofing, and reduce spam.
By default, DKIM and SPF are enabled for all domains. However, some domain setups may use non-standard settings that require adjustments. If you experience email deliverability issues, we recommend verifying and adjusting the email authentication settings rather than disabling them.
- Login to your cPanel control panel.
- Go to the Email Deliverability page.
- You’ll see a list of all the domain names on your hosting account. Find your domain name in the list and click on the 'Manage' button.
- For each domain name, you can manage the DKIM (DomainKeys) and SPF (Sender Policy Framework) technical records. These are enabled by default and the page will normally report "Valid" for each one. If your domain registration is still pending, or there's some other issue, it might report 'Invalid'.
- You'll see a section called DKIM. There will normally be text confirming DKIM is "properly configured for this domain". DKIM (DomainKeys) is an email authentication system that verifies whether incoming emails are actually sent from the listed sender. If it is reporting Valid, you don't need to do anything else.
- You’ll see a section called SPF. When a mail server receives an email claiming to be from your domain, it may check the SPF records to verify whether the sending server is authorised. SPF (Sender Policy Framework) helps prevent email spoofing. Email spoofing is when spammers use an insecure email server to send emails purporting to come from your domain name. There will normally be text confirming SPF is "properly configured for this domain".
- If you use a third-party email provider (e.g. Google Workspace, Microsoft 365) or a mailing company (e.g. MailChimp, Constant Contact), you must configure the advanced settings to ensure proper email authentication. These providers send emails on behalf of your domain, so their details must be included in your SPF record to prevent deliverability issues. Contact your provider’s technical support team for the exact details to add.
- Additional Hosts
- Additional MX Servers
- Additional IP Blocks
- Include List – This is normally where you'll add email providers like Google Workspace or Microsoft 365. You must ask your provider for the correct SPF record settings. If you do not use a mailing service or third-party provider, leave these settings as default.
- All Entry – We strongly recommend ticking this box, as the settings won't be effective without it!
(Technical explanation: Ticking this box changes the SPF mechanism from “?all” (used for statistics and analysis) to “-all”, which means that the mail server will reject all emails that do not match the authorized mail servers and IP addresses in your SPF record.) - Overwrite Existing Entries – Leave this ticked and click the Update button.
- All done! Hopefully, you’ll see fewer nuisance emails and less spam.
You can further enhance email deliverability and protect your domain from unauthorised use by setting up DMARC records. We have a step-by-step guide on how to do this here: How to create a DMARC record - Maxer
Updated by PA on 10/02/2025
