As an increasing number of email servers on the internet are employing a form of anti-spamming protection known as the Sender Policy Framework (SPF) – Steps need to be taken to ensure that your email domain(s) have an SPF Record set up correctly. This will ensure that emails sent through Eploy are delivered consistently.
SPF Records allow domain owners to publish a list of mail servers that are authorised to send email on their behalf.
The likelihood is that an SPF record will already have been set up against your organisations domain(s) to include Eploy’s multiple mail servers during initial system set up. During our regular checks we have noticed that many clients have not set up SPF records correctly meaning there is an increasing likelihood that many emails are not reaching their intended destination.
To make things simpler we have consolidated all our webserver IP addresses into a single entry. This also gives us the flexibility we need to offer greater mail merging functionality in the future.
How SPF Works
1. Sender sends an e-mail to Receiver.
2. Receiver’s inbound e-mail server receives e-mail and calls its Sender ID Framework.
3. The Sender ID Framework looks up the SPF record of the domain that Sender is using for sending the mail.
4. The receiving Mail Transfer Agent (MTA) determines if the outbound Mail Server IP address matches IP addresses that are authorized to send mail for the user.
What you need to do
Request that your domain hosting company/Registrar make the changes
If you do not feel comfortable making the changes yourself, you can contact your domain Registrar’s technical support team and ask them to make the changes for you.
The following is an example of a simple email you can use to request the required DNS change:
I would like to add an SPF record (or modify an existing SPF record) to my domain(s) (Specify). Please add the entry below as an include record (“include:”):
_spf.eploy.net
Once added - remove any of the following entries if they appear within that SPF record:
• 83.138.131.88
• 83.138.131.89
• 83.138.131.92
• 92.52.95.58
• web1.itssystems.co.uk
• web2.itssystems.co.uk
• web3.itssystems.co.uk
• web4.itssystems.co.uk
Making the changes yourself
The required changes need to be made within your domain Registrar’s control panel by adding the record to your domain’s zone file.
The list of authorized sending hosts for a domain is published in the Domain Name System (DNS) records for that domain in the form of a specially formatted TXT record.
The exact method for doing this will vary slightly depending on where you registered your domain. We cannot provide explicit instructions for each Registrar, so you may need to contact them to request the relevant documentation which outlines the process specific to them.
Checking for Existing SPF Records on your Domain(s)
You can check if you have any existing SPF records on your domain by using an “SPF lookup Tool” - Click on the following link mxtoolbox - Enter your domain and click “SPF Record Lookup”
Scenarios:
1. You have No SPF records set up
Action: Refer to the “Generating an SPF Record Guide” below
2. You have an existing SPF record WITHOUT Eploy’s mail servers specified
Action: Refer to the “Generating an SPF Record Guide” below
3. You have an existing SPF record WITH entries relating to Eploy’s individual mail servers.
Action: Refer to the “Generating an SPF Record Guide” below
4. You have an existing SPF record which contains a “Catch all” entry for Eploy’s mail servers
“_spf.eploy.net”
Action: No Action needs to be taken
Generating an SPF Record
An SPF record is simply a line of text. Once you have generated the record, it must be added to your domain’s “zone file” which is publicly accessible to other computers on the internet.
You can use the following site to generate the SPF record:
Go to the site above and follow these steps. It is important to enter the server names exactly as shown.
1. Enter the domain name for which you want to create a new SPF record – Click Start
2. The next page will “Display Published DNS Records” – Check the given information and click on Next
3. In the “Inbound Mail Servers Send Outbound Mail” section - Ensure the “Domain's inbound servers may send mail” option is ticked.
4. In the “Outbound Mail Server Addresses” section – Make sure that “ALL addresses in A records may send mail” is Ticked.
Untick any of the Eploy related entries shown below (this is our old method):
• 83.138.131.88
• 83.138.131.89
• 83.138.131.92
• 92.52.95.58
• web1.itssystems.co.uk
• web2.itssystems.co.uk
• web3.itssystems.co.uk
• web4.itssystems.co.uk
5. In the “Outsourced Domains” section where it mentions “additional domain names whose SPF records refer to a valid outbound e-mail server” enter the following (this is our new method):
_spf.eploy.net
6. In the “Default” section we suggest selecting “Neutral” – as you may have other systems that also send emails on behalf of your domain that are not in your SPF record – it is up to you which option you prefer.
7. In the “Scope” section select “Both”
8. Click Next
The page will then generate a text string similar to the examples below:
v=spf1 mx include:_spf.eploy.net ?all
v=spf1 a mx include:_spf.eploy.net mx:mx1.emailsrvr.com mx:mx2.emailsrvr.com ?all
This can then be added to your domain record as a new entry or as a replacement for the existing one.