SPF Record: Difference between revisions

Back up to the Email Category
From AAISP Support Site
mNo edit summary
mNo edit summary
Line 7: Line 7:
However, customers may be able to add a SPF record to their domain to help get their messages through. In short, an SPF record says which email servers are allowed to send messages for you.
However, customers may be able to add a SPF record to their domain to help get their messages through. In short, an SPF record says which email servers are allowed to send messages for you.


Typically, our customers would use smtp.aa.net.uk to send email - however thought must be given to other servers that may also send email from your domain - eg you may have a 3rd party web server or some other service that sends email on our behalf - these would want to be included too.
Typically, our customers would use <code>smtp.aa.net.uk</code> to send email - however thought must be given to other servers that may also send email from your domain - eg you may have a 3rd party web server or some other service that sends email on our behalf - these would want to be included too.


To cover the IP addresses of the A&A email servers, you can include <code>_spf_include.aa.net.uk</code>, eg:
To cover the IP addresses of the A&A email servers, you can include <code>_spf_include.aa.net.uk</code>, eg:
Line 15: Line 15:
This says to accept email from the mx records (<code>mx</code>) and A&A's published list of IP addresses (<code>include:_spf_include.aa.net.uk</code>) , everything else should be marked as possible junk (<code>~al</code>).
This says to accept email from the mx records (<code>mx</code>) and A&A's published list of IP addresses (<code>include:_spf_include.aa.net.uk</code>) , everything else should be marked as possible junk (<code>~al</code>).


Thi sis just a brief example, there are lots of information and spf 'generators' on the internet. The main thing to do is to test what you have added by looking at the headers of email that has been received by Gmail/O365 etc)
This is just a brief example of SPF, the record above will be useful to customers who only send email via <code>smtp.aa.net.uk</code>. There are lots of information and SPF 'generators' on the internet. The main thing to do is to test what you have added by looking at the headers of email that has been received by Gmail/O365 etc)


==Testing with Gmail==
==Example, Looking at Gmail headers==
You can send an email to a gmail address, and then look at the received headers to see what Gmail think about the SPF records. (In gmail, open the email, click the 3 dots and select show original)
You can send an email to a gmail address, and then look at the received headers to see what Gmail think about the SPF records. (In gmail, open the email, click the 3 dots and select show original)



Revision as of 09:15, 20 June 2019


Many of the large email providers (Gmail, Yahoo, Office 365) are getting picky about accepting email that has no 'validation' mechanisms. Even if your email is not spam or junk they may treat it as so and either reject the message or put it in the recipients junk folder.

Whilst we don't provide DMARK or DKIM features on our email service customers are are welcome to use their own email servers and configure them as they wish.

However, customers may be able to add a SPF record to their domain to help get their messages through. In short, an SPF record says which email servers are allowed to send messages for you.

Typically, our customers would use smtp.aa.net.uk to send email - however thought must be given to other servers that may also send email from your domain - eg you may have a 3rd party web server or some other service that sends email on our behalf - these would want to be included too.

To cover the IP addresses of the A&A email servers, you can include _spf_include.aa.net.uk, eg:

v=spf1 mx include:_spf_include.aa.net.uk ~all

This says to accept email from the mx records (mx) and A&A's published list of IP addresses (include:_spf_include.aa.net.uk) , everything else should be marked as possible junk (~al).

This is just a brief example of SPF, the record above will be useful to customers who only send email via smtp.aa.net.uk. There are lots of information and SPF 'generators' on the internet. The main thing to do is to test what you have added by looking at the headers of email that has been received by Gmail/O365 etc)

Example, Looking at Gmail headers

You can send an email to a gmail address, and then look at the received headers to see what Gmail think about the SPF records. (In gmail, open the email, click the 3 dots and select show original)

No spf:

ARC-Authentication-Results: i=1; mx.google.com;
      spf=neutral (google.com: 81.187.30.51 is neither permitted nor denied by best guess record for domain of xx@xx.org.uk) smtp.mailfrom=xx@xx.org.uk

With spf

ARC-Authentication-Results: i=1; mx.google.com;
      spf=pass (google.com: domain of xx@xx.com designates 81.187.30.52 as permitted sender) smtp.mailfrom=xx@xx.com