Getting your Emails Delivered if your CPanel does not Control Your Domain
February 20, 2019

Getting your Emails Delivered if your CPanel does not Control Your Domain

I use lunarpages as one of my hosting providers - they have been a very reliable partner since I started using them in 2000. I only ever had an issue once, when one of my sites was hacked. Lunarpages was able to get a backup restored. I had to pay for the service but that was fine. So I would definitely recommend them.

I do NOT recommend them for managing your domains. They have some arrangement with OpenSRS, which is "the domain name reseller services division of Tucows, a company based in Canada engaged in selling domain names..."

If you do use them to manage your domains, you'll be able to set some domain specific information within your CPanel (we did not have this for the first 10 years), but other changes you will have to manage through which literally looks like this:


Personally, I've moved my domains over to and (for my .hu and .eu domains).

Turn on SPF and DKIM in CPanel

Over the years various schemes have emerged all with the aim of preventing spam through 1) verification of the sender's identity and 2) verification that the message has not been tampered with. SPF and DKIM are two such technologies, and there is a third called DMARC.

SPF and DKIM verification verification can be turned on very easily in Lunarpages' CPanel (and I assume many other CPanel installations). Simply go to Authentication:

and enable both SPF and DKIM. Really you should not need to change anything else.

What is not obvious is that in the background this does two things:

  1. It configures the mail delivery software on your shared host to extract a hash of your email message and include that hash along with your email message, thus making it possible for recipient software to verify that the message has not been tampered with during transport by any of the intermediary servers
  2. It sets some txt records in your domain to enable your recipients to decipher and authenticate your message, and to verify that the owner of the domain name is aware that your host's email servers are sending emails on its behalf

BUT since you do not host your domain names in the same place as where you have your mail server, CPanel will not be able to actually set the correct txt records. Or rather, it will set the txt records locally, but these will not actually be set on your DNS records. So you will have to take these steps manually!

Sort out your SPF and DKIM txt Records

This turns out to be quite simple. First, in your CPanel go to the Zone Editor:

and at the same time, in your google domains (or other) control panel go to where you can set custom DNS records:

You will now need to recreate some of the records set up CPanel on your actual DNS settings page. Taking one of my domains as example, I needed to recreate the following records:

Type Record Value Explanation
A or CNAME 123.456.789.000 This should point to your email server
MX This reroutes Mail Exchange requests to your email server
TXT default._domainkey. v=DKIM1; k=rsa; p=MIIBIjANBgkqhki... Necessary for DKIM
TXT v=spf1 +a +mx +ip4:6... Necessary for SPF


There are various services to help you verify that you configured everything correctly:

Getting your Emails Delivered if your CPanel does not Control Your Domain
Share this