Postfix: Setup DNS spf
Name/Host/Alias: Enter @ or leave it blank. Your other DNS records might indicate which entry is correct. Time to Live (TTL): Enter 3600 or leave the default. Value/Answer/Destination: Enter v=spf1 include:_spf.google.com ~all
onnocenter.or.id. IN TXT "v=spf1 mx include:_spf.google.com ~all"
Example 2 Allow mail from a specific host:
v=spf1 a:mail.example.com -all
The v=spf1 tag is required and has to be the first tag.
The last tag, -all, indicates that mail from your domain should only come from servers identified in the SPF string. Anything coming from any other source is forging your domain. An alternative is ~all, indicating the same thing but also indicating that mail servers should accept the message and flag it as forged instead of rejecting it outright. -all makes it harder for spammers to forge your domain successfully; it is the recommended setting. ~all reduces the chances of email getting lost because an incorrect mail server was used to send mail. ~all can be used if you don’t want to take chances.