How To Configure SPF SPF, DKIM & DMARC on Bluehost

By Adrian StoianGuides

Recently, one of our customers had email deliverability issues with the outgoing emails sent from Bluehost & WooCommerce ( WordPress ). After several tweaks & tests we finally scored 9+ for the outgoing emails.

For this purpose, we used both manual checks & mail-tester.com online check tool.

Please note that we offer a limited discount for the “Set up SPF, DKIM, and DMARC” plan, available here:
https://members.magefix.com/product/spf-dkim-dmarc/

Set up SPF, DKIM, and DMARCFix email deliverability issues

Steps:

  • Enable WP Mail SMTP & fill valid email login from Bluehost cPanel. Mailer should be set to “Other SMTP”.
  • Enable Preview E-mails for WooCommerce for sending test emails.
  • Add the following SPF record for emails sent using Bluehost email servers. 
    v=spf1 +a +mx +ip4:50.116.0.0/16 +ip4:192.185.0.0/16 ~all
  • Enable DKIM & DMARC following the instructions from the Email Deliverability in cPanel. Make sure the proper TXT records are enabled.
    For DMARC, the default TXT records will be:
    host record: _dmarc & TXT value: v=DMARC1; p=none;

Notes:

a) The following SPF records will not work, and will generate errors: include:spf.websitewelcome.com, include:websitewelcome.com, include:bluehost.com.
To check your current SPF records, you may use MxToolbox SPF check tool: https://mxtoolbox.com/spf.aspx

b) The Sender Policy Framework (SPF) has a limit of maximum of 10 DNS lookups required to fully resolve an SPF record.
MxToolbox SPF tool will come in handy to check the number of DNS lookups.

c) If you are not happy with the Bluehost SMTP server, you may consider premium alternatives, such as Amazon SES, Mailgun & Sendgrid.

Tools

1. SPF Check & SPF Lookup https://mxtoolbox.com/spf.aspx
2. Newsletters spam test by mail-tester.com https://www.mail-tester.com

SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are two important email authentication methods that help prevent email fraud, spam, and phishing attacks.

  • SPF is used to verify that the sender of an email message is authorized to send email from the domain that appears in the sender’s email address.
  • DKIM is used to verify that the content of an email message has not been tampered with during transmission.

By using SPF and DKIM together, email recipients can be more confident that the email messages they receive are legitimate.