Let's Be DMARC Compliant


Meet GoDMARC, to save your domain from spoofing and phishing attacks.

What is SPF?

The Sender Policy Framework (SPF) is one of the most widely used email-authentication techniques and helps prevent spamming. With this safety protocol implemented, you can publish your authorized mail servers and prevent spammers from misusing your domain. Messages from unauthorized IP addresses are marked as suspicious or rejected, depending on the policy included in your SPF record.

At GoDMARC we implement SPF together with DMARC (Domain-based Message Authentication, Reporting & Conformance) related information and, using DNS (Domain Name System), provide the recipient server with detailed information on the authenticity of an email's origin. Once implemented, this gives your organization complete control to specify which email servers can send emails from your organization’s domain.

We create custom SPF records set by adding a unique alphanumeric string before all mechanism, which the recipient server uses to validate the authenticity of your email. With custom values defined, recipient servers get important information that can be used to verify the source of the email and take the necessary steps to deliver it to the user's inbox.

Why Is SPF Important?

ISPs have put in place the strongest security checks to curb the menace of spam and fake emails. All ISPs these days use email authentication, and most of them automatically flag a message as spam or warn users when the sender’s credentials cannot be authenticated. If your emails are not authenticated, the likelihood of them landing in the spam folder increases, which hurts your email marketing campaign. Implementing SPF is therefore no longer optional but a must if you wish to maximise the impact of your email marketing campaign.

Hard Fail vs Soft Fail

If the SPF record analyser is unable to find the sender’s IP address in the SPF record, an SPF failure may occur. In such a scenario the emails can land in the recipient’s spam folder or be discarded altogether. There are two scenarios here: Hard Fail and Soft Fail. Let us now take a look at the two scenarios using examples.

Example of SPF Hard Fail:

v=spf1 ip4:192.168.0.1 -all

In the example above, the “- (minus sign)” before “all” denotes that emails originating from senders whose addresses aren’t listed in this SPF record would be treated as "hardfail". Hence all emails originating from such a source would be treated as unauthorized and discarded immediately. Only the IP address mentioned (192.168.0.1) is authorized to send emails, and these would be treated as validated.

Example of SPF Soft Fail:

v=spf1 include:spf.protection.outlook.com ~all

In the above example, the “~ (tilde sign)” before “all” denotes that servers that are not listed in the SPF record should be considered a "softfail". This would ensure that the mails go through to the recipient, but they would be categorized as suspicious or spam. In this example “include:spf.protection.outlook.com” would authorize Outlook or Office 365 to send emails. Emails that originate from servers other than those mentioned would be categorized as spam.

It is, however, important to remember that the recipient server isn’t likely to honour the requested behaviour, irrespective of the failure mode you specify.

Emails are sacrosanct for modern businesses and any forgery of them can hurt your brand reputation. To ensure your business email is tamper-proof you need to implement SPF without any delay. Get in touch with our team to know more about SPF and how your organization can benefit from it. We shall secure your email system and prevent it from being forged by implementing the latest safety protocols.

Sender Policy Framework (SPF) is a protocol which not only allows an organization to authorize hosts and networks to use its domain names when sending an email but also provides a way for a receiving host to check that authorization.

SPF Sender ID is vital for email campaigns. It works as an authenticator that classifies your messages as non-spam. Many popular servers like Hotmail, Yahoo, and Google use SPF as an authenticator. Every business is advised to use SPF to keep email marketing campaigns safe.

SPF is a beneficial technique to add authentication to your emails. However, it has some limitations which you need to be aware of.

  • SPF does not validate the “From” header. This header is shown in most clients as the actual sender of the message. SPF does not validate the “header from”, but uses the “envelope from” to determine the sending domain.
  • SPF will break when an email is forwarded. At this point the ‘forwarder’ becomes the new ‘sender’ of the message and will fail the SPF checks performed by the new destination.
  • SPF lacks reporting which makes it harder to maintain.

An SPF record has different settings, also known as mechanisms. The record is evaluated in order, from left to right. So, if the sending host is not matched by the first mechanism, the check moves on to the second, third, etc. until the host either passes one or fails all checks. If it fails all mechanisms, it will do nothing. This is where it becomes important to include an 'all' mechanism to catch them.
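The left-to-right evaluation described above, together with the hard fail and soft fail records from earlier on this page, can be traced with a small evaluator. This is an added example, not GoDMARC's code: the `check_spf` function, the `*.example` domain names, the offline `ZONE` table standing in for DNS and the made-up contents of the included record are all assumptions, and only the `ip4`, `ip6`, `include` and `all` mechanisms are handled.

```python
import ipaddress

# Constructed stand-in for DNS TXT lookups so the example runs offline.
# The first two records are the ones shown on this page; the contents of
# spf.protection.outlook.com are made up (documentation range 203.0.113.0/24).
ZONE = {
    "hardfail.example": "v=spf1 ip4:192.168.0.1 -all",
    "softfail.example": "v=spf1 include:spf.protection.outlook.com ~all",
    "spf.protection.outlook.com": "v=spf1 ip4:203.0.113.0/24 -all",
    "noall.example": "v=spf1 ip4:192.168.0.1",
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(domain, client_ip, depth=0):
    """Evaluate the SPF record of `domain` (the envelope-from domain)
    against the connecting IP. Hypothetical helper for this example."""
    record = ZONE.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    if depth > 10:                      # simplified guard against include loops
        return "permerror"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:     # mechanisms are tried left to right
        qualifier = "+"                 # no sign in front means "pass"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            matched = True              # "all" matches every sender
        elif name in ("ip4", "ip6"):
            matched = ip in ipaddress.ip_network(arg, strict=False)
        elif name == "include":
            inner = check_spf(arg, client_ip, depth + 1)
            if inner in ("none", "permerror"):
                return "permerror"
            matched = inner == "pass"   # only a pass from the include matches
        else:
            return "permerror"          # mechanism outside this example's scope
        if matched:
            return QUALIFIERS[qualifier]  # first match decides the result
    return "neutral"                    # nothing matched and no "all" term
```

A record without a trailing `all` returns `neutral` for unlisted senders, which gives the receiver no instruction to act on.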

The objective of an SPF record is to detect and stop spammers. It is also used to prevent messages with fake ‘From’ addresses on your business domain.