What to know about SPF and TXT Records in AWS

When a server sends an e-mails from a domain techdirectarchive.de or techdirectarchive.com, the Internet Protocol (IP) needs an SPF record to get identified as a trusted sender.

Step-by-step guide for adding an SPF record
– Sign in to the AWS Management Console.
– Navigate to Route 53 dashboard at https://console.aws.amazon.com/route53/
– In the left navigation panel, under Dashboard,

– Click Hosted Zones. e.g. techdirectarchive.com
– Click on the domain name hosted zone that you want to update.
– On the DNS hosted zone page,
– create a new SPF record by completing the following actions
– Click Create Record Set button from the dashboard top menu.
– Leave the Name field empty.

From the Type dropdown list
– Select SPF – Sender Policy Framework.
In the Time To Leave (TTL) in seconds field,
– Enter a value of 3600 (1 hour) for Time to Live.

In the Value text box,
– Enter the SPF value required, e.g. “v=spf1 include:_spf.google.com-all”.

Note: If you do not use Google mail servers, replace include:_spf.google.com with the authorised mail server hostame/IP address e.g. “v=spf1 ip4:IPAddress/32-all”.

From the Routing Policy dropdown list,
– Select Simple as the routing method for the SPF DNS record.
– Click Create to add the new SPF record to the DNS hosted zone.

If you have multiple DNS hosted zone without SPF record sets (see the Audit section to determine which domains require SPF records). https://www.cloudconformity.com/conformity-rules/Route53/sender-policy-framework-record-present.html

Note: Adding a SPF record also requires a TXT record

Step for adding an TXT record
– Sign in to the AWS Management Console.
– Navigate to Route 53 dashboard at https://console.aws.amazon.com/route53/
– In the left navigation panel,
– Under Dashboard,
– Click Hosted Zones.
– Click on the hosted zone that you want to update (e. g. techdirectarchive.com).
– On the DNS hosted zone page,
– Create a new TXT record by completing the following actions
– Click Create Record Set button from the dashboard top menu.
– Leave the Name field empty.
– From the Type dropdown list
– Select TXT – text.

In the TTL (Seconds) field,
– Enter a value of 3600 (1 hour) for Time to Live.
In the Value text box, enter the TXT value required, e.g. “v=spf1 mx ip4:IPAddress/32 a:spf.protecxxx.outlook.com a:spf.crsend.com -all”.
– From the Routing Policy dropdown list,
– Select Simple as the routing method for the TXT DNS record.
– Click Create to add the new TXT record to the DNS hosted zone.