Follow

It has come to our attention that an increasing number of email servers on the internet are employing a form of anti-spam protection known as the Sender Policy Framework (SPF). SPF is a technical method to prevent sender address forgery. Since nearly all abusive and unwanted email messages carry fake sender addresses, SPF is a reliable means of reducing the transmission of spam on the internet.

How SPF Works

SPF prevents sender address forgery by allowing the owner of a domain to specify which mail servers they use to send mail from their domain. The technology requires two sides to work together: (1) the domain owner publishes this information in an SPF record in the domain's DNS configuration, and when someone else's email server receives a message claiming to come from that domain, (2) the receiving server performs a DNS check to determine whether the message came from one of the domain’s authorised servers. If the email fails this test, it can be considered a fake (i.e., it did not come from the domain).

How SPF Impacts Eploy Users

As a business, you probably have a domain (yourbusiness.co.uk) and email hosting associated with that domain. Your email addresses will be of the form user@yourbusiness.co.uk. Your email hosting provider will have correctly configured your domain and email hosting in relation to SPF. However, problems may arise when you send email through your eploy system purporting to come from your domain. Even though you are, in fact, the legitimate owner of the email address you are using on your eploy email, the email may appear to be a forgery because it is not being sent from one of your domain’s authorised servers (it is being sent from an eploy server). In other words: if you perform an email merge using eploy, and the eploy server is not authorised to send email from your domain, a percentage of those emails will fail due to SPF checking. It is impossible to say what this percentage is, but it is certain that this percentage will only increase as SPF checking becomes more prevalent on the internet. Consequently, it is important to address this issue as soon as possible.

What To Do

To solve this problem, you need to add an SPF record to your domain that adds the eploy servers to your domain’s list of authorised servers. The exact method for doing this will depend on where you registered your domain. We cannot provide explicit instructions for each registrar (there are hundreds), so it is up to you to find out how this is done.

If you feel comfortable following technical instructions – and assuming your domain registrar provides the facility for you to add SPF records to your domain’s zone file – you can make the required changes yourself. You will need to generate an SPF record using a site on the internet. You will then need to use your domain registrar’s control panel to add the record to your domain’s zone file. Please see the instructions below on how to generate an SPF record.

If you do not feel comfortable doing this yourself, you will need to contact your domain registrar’s technical support helpdesk and ask them to do it for you. The following is an example of a simple email you can use to request the required DNS change:

I would like to add an SPF record (or modify an exiting SPF record) to my domain mydomain.co.uk that permits email to be sent from the following server. Please add it as an include record (“include:”):

_spf.eploy.co.uk

You will need to substitute your domain name for mydomain.co.uk in the text above.

For more information on SPF Records click here:

http://www.openspf.org/SPF_Record_Syntax

Generating an SPF Record (Technical)

There is a site on the internet that enables you to generate SPF records. An SPF record is simply a line of text. Once you have generated the record, it must be added to your domain’s “zone file” which is publicly accessible to other computers on the internet. We will use the following site to generate the SPF record:

http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

Please go to the site above and follow these steps. It is important to enter the server names exactly as shown, otherwise it might not work.

  1. In the Inbound Servers section select the “Domains inbound servers …” option.
  2. In the Outbound Mail Servers section select ”ALL addresses in A records may send mail”. Tick the IP addresses listed.
  3. In the Outsourced Domains section where it mentions “additional domain names whose SPF records refer to a valid outbound e-mail server” enter the following: _spf.eploy.co.uk
  4. In the Default section select “Neutral…”
  5. In the Scope section select “Both”
  6. Click Next

The page will then generate a text string similar to this:

v=spf1 a mx include:_spf.eploy.co.uk mx:mx1.emailsrvr.com mx:mx2.emailsrvr.com ?all

This can then be added to your domain record.

 

 

 

Powered by Zendesk