In this post I’ll explain e-mail setup on a hosting server (using cPanel, though principle is similar for other control panels), as well as the needed setup in DNS fields. Separate posts explain SMTP mail sending with WordPress and Gmail account setup for website SMTP mail. Understanding the contents of this post is required in order to understand the noted two posts. Apart from hosting providers mail server, one can also use a separate (paid for) solution, such as MXroute – instructions for setup.
Protocol for e-mail exchange is far from a reliable one. In my experience: whoever says they can “guarantee” (always ask: “with what – money, reputation, or something third?”) – is either consciously lying, or just not experienced enough.
Still, I think it is good and worth doing what is up to us to create the highest possible probability for the e-mails to:
- Arrive to the intended recipient, without getting blocked by spam filters.
- Once they arrive, to end up in the “inbox”, not the “spam” folder.
This all starts with setting up SMTP server and relevant DNS fields, as will be explained.
2. Creating an e-mail account within cPanel
I will assume that SSL/TLS certificates have been set up properly and will not be explaining their setup here. I don’t recommend sending e-mails without SSL/TLS connection, because then the e-mail contents can be more easily seen by third parties and they are more likely to be marked as potentially “insecure/spam/phishing”. Now, let’s get to the point:
Log in to cPanel. Go to e-mail options.
If the email has already been created, click “Connect Devices” to see the important setup information (it is understood that you know the password). If not, click “+ Create” in order to create it.
When creating a new e-mail account, enter the desired name, password, limits and click “+ CREATE”.
Now, [email protected] will be shown in the e-mail account list shown in picture 2. Click “Connect Devices” for that account.
You’ll get a list of SMTP client settings. Use the blue SSL/TLS options (shown in picture 4).
If everything is set up properly (SSL/TLS certificates set up for mail.yourdomain.com), the mail server name is usually “mail.yourdomain.com” – in this case “mail.elektrobicikli.com”.
Information shown in picture 4 will be needed to setup mail clients, write it down.
3. DNS setup for e-mail
DNS records important for reliable e-mail delivery (and sender verification) are the following:
SPF and DKIM should have been automatically created. I’ll explain how to check this with cPanel. If you are using Cloudflare (or a custom DNS), you should set them up there as well, within DNS options.
Go to cPanel’s Zone Editor.
There you’ll see the SPF and DKIM records – both are “TXT” type. If a custom DNS is used, they should be created there, copy-pasting the values from the right hand column shown in picture 6.
DMARC record needs to be added. How this is done in cPanel’s Zone Editor is shown in picture 7. Principle is the same for all the other DNS-s.
After this all has been set, one should wait for the DNS propagation to finish. It takes up to 48 hours, though usually finishes within one hour. If using Cloudflare, it’s often done within 15 minutes.
An excellent article that thoroughly explains SPF, DKIM, DMARC and how it all combines for email verification and preventing email spoofing:
On that link you can find instruction on how to setup DKIM field to be a bit more complex, offer better spoofing protection and define an email address where reports of emails that fail SPF and DKIM verification will be sent. In short, an example of better DMARC setting for a start:
v=DMARC1; p=none; rua=mailto:[email protected]; ruf=mailto:[email protected]; sp=none; adkim=s; aspf=s; fo=1;
Then, if no problems are reported on your report email ([email protected] in this example) and you confirm there are no problems with email delivery, you can set stricter options (on the report email you will get reports in case someone tries your domain mail address spoofing):
v=DMARC1; p=reject; rua=mailto:[email protected]; ruf=mailto:[email protected]; sp=reject; adkim=s; aspf=s; fo=1;
For more details, see the above noted article.
For testing I use mail-tester.com. Open the mail-tester website and follow instructions. Basically, you are to send an e-mail to a designated address, using the account you wish to test.
A separate article explains how to setup SMTP e-mail sending for a WordPress website.
Picture 9 shows the test results and I’ll explain below it what it means.
First yellow checker explains there is no “Unsubscribe” option for unsubscribing from e-mail lists. If you are sending mailing lists, this should be implemented. For “ordinary” e-mails, it is not necessary.
The red “-1” field says that the IP address of the SMTP server I’m sending the e-mail from is listed in at least one blacklist. Which means that someone has been sending spam from that address. If you are on a shared hosting server, then it’s the hosting provider’s job to prevent the sending of spam and to get the server’s IP address off the black lists. If you have your own, dedicated IP address, then it’s your fault and your job to fix it.
Various e-mail sending services, such as SendGrid, charge extra for a dedicated IP address. If using the free IP option, it will most likely be on at least a few blacklists, since many spamers use such services.
Likewise, some services, like MXroute, strictly “cut” spamers of their servers, so there aren’t any problems even with shared IPs.