A Sender Policy Framework (SPF) record is a DNS record that identifies specific mail servers that are allowed to send email on behalf of your domain. This article will help you understand why these records are important, and why you should create a record.
SPF records prevent spammers from sending messages with bogus From: addresses attached to your domain. This stuff gets fairly technical, but let’s keep it simple for now.
Have you ever received one of those nonsense emails that looks like it’s from PayPal, but is actually from a spammer posing as PayPal? This is called a “spoof” email, because it’s quite easy to fake the domain associated with an email (like PayPal in this case). SPF was created to combat these sorts of fake sender issues.
Unless you set up custom outgoing settings, Magham sends emails on your behalf when you reply to a customer. For the sake of illustration, let’s say your mailbox address is firstname.lastname@example.org. When you reply to a customer and the email goes out, the customer’s server will ask the following questions:
In our example, the “who” is email@example.com and the “sender” is Magham. Without an SPF record specifying Magham as an approved sender, it’s likely your email will be marked as spam. If there is an SPF record that includes Magham as an approved sender, then it’s virtually guaranteed to skip the spam filter. That’s why this is so important!
SPF records are added to your domain’s DNS as a TXT record. Magham only supports TXT type records, as the SPF type records are no longer supported. To authorize emails sent by Magham, the record should look something like this:
v=spf1 a mx include:websitewelcome.com ~all
The SPF/TXT records can also be combined for multiple domains, using the “include” mechanism (ie. v=spf1 a mx include:websitewelcome.com include:mydomainemail.com ~all). It’s worth noting that all SPF records must limit the number of mechanisms and modifiers that do DNS lookups to a maximum of 10 per SPF check.
If it the lookup does exceed 10, an error will be thrown. The “include”, “a”, “mx”, “ptr”, and “exists” mechanisms as well as the “redirect” modifier do count against this limit; while the “all”, “ip4”, and “ip6” mechanisms do not require DNS lookups and therefore do not count against this limit.
Note: You’ll need access to your domain host control panel to add or modify a record. If you’re already scratching your head on this one, get in touch with your nearest IT person and tell them what’s up. Send them this article and they’ll know what to do.