Sender Policy Framework

about SPF and Sender ID | how to update yours

More ISPs are beginning to authenticate inbound emails by checking for SPF and Sender ID records – records that basically tell the ISP who sent the email and makes sure everything matches up.

How SPF and Sender ID work:

1. Your organization publishes a Sender Policy Framework (SPF) record. It’s a document that basically says: “This is who we are, and these are the people who send our emails.” Our own SPF records are up-to-date, but since we’re sending on your behalf, it’s important to make sure you’ve added us to your SPF record, too.

2. When Hotmail and other hosts receive your email, they’ll check your SPF record to make sure the return-path address (ours) matches the IP address (also ours). Easy. That checks out every time and always has. And most ISPs stop there. But with Sender ID, Hotmail will also check to make sure the IP address is an authorized sender for your “from” address.

3. If your email doesn’t pass both tests, Hotmail recipients may see a note at the top of your email that says something to the effect of: “The sender could not be verified by Sender ID.” It should only affect the display of your email, not its actual delivery. To avoid that note, you’ll simply add our delivery network to your list of authorized senders.

Is Sender ID a good thing?

Yes, indeed. Any efforts by ISPs and corporate servers to curb the amount of spam, spoofing, phishing and other bad emails that get in the way of the good ones is something we’re all pulling for. And we’re hopeful other ISPs will implement similar email authentication policies very soon. Like other efforts underway, Sender ID won’t single-handedly solve the problems of spam, spoofing, phishing and the like, but it’s yet another step in the right direction.

Will publishing an SPF record somehow give people access to my – you know – stuff?

No. All you’re doing is publishing a record that ISPs and hosts will access, in the way hosts access such things, when they receive your emails. And since more and more companies are using email service providers like us these days, adding us to your SPF record is a natural part of using the service.

back to top

How to Update Yours

1. Update your SPF record and add us to it.

-> Go to spf.pobox.com. In the SPF Wizard, enter your domain name and click ‘start.’ If you send emails from news@bobschateau.com, your domain is bobschateau.com.

-> A form will appear. Fill it out, using this screenshot as your guide. The two additions you’ll make will be to add e2ma.net (our delivery domain) to the include: field and to say yes to the final question, “Do the above lines describe all the hosts that send email from (your domain)?”

-> Below that final question, you’ll see your new SPF record. It will look something like this: “spf2.0/pra include:e2ma.net -all”. Copy it and paste it somewhere you can get to it. Like a blank email. Or the side of your bathtub.

2. Send your updated SPF record to your technical contact.

-> You’ll now add the updated SPF record to your domain’s DNS record. Which is to say that you’ll hand your SPF record to the person who handles DNS thingies for you.

-> If you’re not sure who your domain’s technical contact is, there’s an easy way to find out. Go to www.networksolutions.com and click the small whois button in the very top row of navigation buttons. At the whois screen, type your domain name into the box and search. Locate the “technical contact” in the list, and send your new SPF record his or her way. It’s a pretty easy update to make, so be sure and ask for a confirmation email when it’s done.

-> Once your DNS record has been updated, ISPs will be able to easily authenticate your emails on arrival, possibly improving your delivery rates.

back to top