Many internet service providers out there are looking for ways to make it easier to verify the legitimacy of inbound emails and prevent bad things like spam (where someone sends you email you didn't want) and phishing (where someone sends you an email you didn't want and says, "Hey, what's your bank account password?"). Over the past few years, Hotmail in particular has taken greater measures to help authenticate inbound emails by implementing a program called Sender ID. It uses something called an SPF record to make sure that the email address you're sending from is one that you've authorized to send on your behalf.
In this guide, we'll cover the basics of how an SPF record works and how to make sure yours is up to date. (If you're an Emma agency partner offering email marketing services to your clients, you'll also want to read our agency tips.)
What's an SPF record?
An SPF record is the part of your domain's technical signature (known as a DNS entry) that allows receiving servers to see which senders (like Emma) are allowed to send emails on behalf of your domain. It's important to make sure that Emma is listed on your SPF record, since we're sending emails on your behalf.
Will it take me long to update?
No. Including the time it will take you to read this guide, it shouldn't take more than fifteen minutes for you and your email administrator to add Emma to your SPF record.
How do SPF records work?
Most email domains have a Sender Policy Framework (SPF) record. It's a document that basically says: "This is who we are, and these are the people who send our emails." Emma's own SPF records are up to date, but since we're sending on your behalf, with your email domain in the From Address, it's important to make sure you've added Emma to your SPF record, too.
When servers receive an Emma-powered email, they'll check our domain's technical record (called a DNS record) to make sure the return-path address (ours) matches the IP address (also ours). Easy. That checks out every time and always has. And most servers stop there. But some hosts will also check your domain's SPF record to make sure our domain and IP addresses are authorized to send on your behalf.
What happens if they don't?
If your email doesn't pass both tests, a small (but growing) portion of servers may not deliver your email. Specifically, Hotmail has implemented a program called Sender ID that checks SPF records. If we're not listed on your SPF record, Hotmail recipients may see a note at the top of your email that says something to the effect of: "The sender could not be verified by Sender ID." It should only affect the display of your email, not its actual delivery. For now. But in the future, it's possible that Hotmail may require this step for delivery, and that's why it's a good idea to set up your SPF and Sender ID records now.
Are SPF records a good thing?
Yes, indeed. Any efforts by ISPs and corporate servers to curb the amount of spam, spoofing, phishing and other bad emails that get in the way of the good ones is something we're all pulling for. And we're hopeful other ISPs will implement similar email authentication policies very soon. Like other efforts underway, Sender ID won't single-handedly solve the problems of spam, spoofing, phishing and the like, but it's yet another step in the right direction.
Will publishing an SPF record somehow give people access to my stuff?
No. All you're doing is publishing a record that ISPs and hosts will access, in the way hosts access such things, when they receive your emails. And since more and more companies are using email service providers these days, adding Emma to your SPF record is a natural part of using Emma's service.
How do I do it?
So glad you asked. By all means, keep reading for how-to instructions.