We are having a case of email spoofing since two months, many of our email accounts have been used to spam porn and dating mails which caused a flooding of email from Mail Delivery System with the subject like "Mail delivery failed: returning message to sender" and "Mail delivery deferred: returning message to sender". Obviously many undelivered emails are spam, but many others are legit business mails.
We are using cPanel Emails (through Roundcube, Horde, Mozilla Thunderbird and Microsoft Outlook). Web Ultimate Linux cPanel web hosting plan with SSL standard certificate.
@ 3600 IN TXT "v=spf1 mx include:secureserver.net -all"
After that apparently our email accounts were not used for spam, which seems not to be the truth, and now we are getting messages from Mail Delivery System about messages not delivered because the limit of max emails per hout was exceeded:the first message mention a 500 limit but the last ones mention just one message as the limit exceeded per hour.
Domain grupotwt.com has exceeded the max emails per hour (2/1 (200%))
allowed. Message discarded.
According with many of your tutorials setup the SPF in a TXT record is the way to go in cases of email spoofing, change the setup in the contact forms is other way, but all the email accounts affected by spam are not included on any webpage of our website.