I’m not a spammer, damned SPF


What the hell is going on?

You have some website that serves customers via email or you have mass mailing service or your customers send emails through your service in their names or … you got it. But wait, some of these emails got into the spam folders. Or in worst scenarios didn’t reach targets at all. I and my clients were there.

There were no problems years ago, but last times web services and users are getting more and more error mails or their client complaining “there is no your email in my box”. Taking a provider’s imago to the lowest place on earth.

So why this happening and why some developers are frustrated about it? Maybe they don’t know how to set their DNS or don’t know how others’ DNS settings affect their services.

I try to explain this problem shortly.

Once upon a time, there was a spammer. He likes to sell v.i.a.g.r.a very much. Spending hundreds of hours collecting thousands and thousands of email addresses from websites. Maybe he just paid 5€ for millions of email addresses. And send them all an enlightening information about those blue pills. But insert harsh word here, most emails are filtered as spam. Luckily the spammer was a clever one and start sending emails in others’ names using others’ email addresses as a sender. The spammer was at the seventh heaven.

Until the monster has been born. The monster likes to eat emails, a lot of emails. Best sweeties are those emails that are pretending to be sent by another person. This monster does not separate systems into good and bad ones. It will burn every system that tries to intrude the owners’ property. Only some magical words like simsalabim will get you safely through.

So why on earth recipient’s monsters think that you are a spammer? For most situations the reason is using 3rd party mass mailing services. They run on a different domain than the domain in sender address you are using. This is like holding a huge poster saying I’m your sugar frosted enemy and you’ll be sure about getting some flames.

But yes, there are these simsalabims, the magic words. We call it SPF – Sender Policy Framework. Correctly used SPF words are the only method to get your message through. The twist is to declare to the monster that the mailing system is admitted by the domain in the sender’s email address.

So you really have the powers to keep these monsters calm!

You have to put these magic words into your domain’s DNS records. The words sound like – spiff, this sender server is authorized, but others are not

But technically this goes like this:

SPF is added to DNS as a TXT record. You can specify authorized servers in several ways. By referring to the domain’s current data, as an IP address or as a server domain.

your.net. TXT "v=spf1 mx a:massmailing.system.com -all"

You are telling with a:massmailing.system.com that the server on massmailing.system.com is authorized to send an email with your.net domain in the sender’s email address, like info@your.net. And with -all you declare that all others are not authorized. And obviously with mx you authorize servers in MX records to use your domain, otherwise, your emails will not reach the most of your recipients 🙂

Got it? You can authorize as many servers as you need in one record. Would it be easier for you to look at the simple SPF introduction and take a little study about all SPF syntaxes?

Good luck and have fun with a legal mass mailing!

Leave a Reply

Your email address will not be published. Required fields are marked *