Thursday, 17 September 2015

Understanding SPF DNS Records

SPF, or “Sender Policy Framework”, is a technique that aims to prevent email sender spoofing and ultimately cut spam. It means that senders without a properly configured SPF record may be considered spam.
If your business sends out email, and you want to make sure it isn’t marked as spam at its destination, then you might need to look at your SPF records.
The first step is to look at the headers of an email received by a client that handles SPF, e.g. Gmail. If you see something like spf=softfail (domain of transitioning does not designate as permitted sender), this means SPF is not configured correctly.
So, let’s say you know the sender is going to have IP address 1.2.3.4, i.e. your outbound SMTP server, and your sender email is whatever@me.com. You then need to add a DNS TXT record to the domain me.com with the text
v=spf1 ip4:1.2.3.4 ~all
for the host “@” (non-www).
Then try sending the email again and view the headers on the message. It should say
Received-SPF: pass (google.com: domain of whatever@me.com designates 1.2.3.4 as permitted sender) client-ip=1.2.3.4;
This will come into play big time if you use Direct to MX software, or Amazon SES.