I sent myself an email last night to forward out to the team. A while after getting to work I wondered where was my email? It had been put in my spam folder! Email is more critical to me than postal mail and I would love for it to be reliable. I've had problems this year where important emails where put into my spam folder.
Sender Policy Framework (SPF) exists to help reduce spam and while I'm not sure if this will reduce the odds of emails from my domain being marked as spam I figured it won't hurt.
This blog post will describe how I setup SPF for my website which uses Google Apps for email and web content and
GoDaddy's Total DNS product for
Domain Name System configuration. If you use the same infrastructure it will be easy copy and pasting. If not you might have to do some additional reading, or switch your infrastructure :)
I ran across this page with SPF Tools including a wizard to generate an SPF record and some record testers.
Using their wizard I got this string: "v=spf1 mx ~all" spf1 means spf version 1, mx means accept mail from mail servers, and ~all means softfail all mail. So basically this would softfail all mail not sent from google's mail servers. This made sense. Being a cautious type I decided to see what Google Apps Admin Help has to
say on the matter. Hmmmmmmmm they recommend "v=spf1 include:aspmx.googlemail.com ~all". This seems to do a DNS lookup at aspmx.googlemail.com which redirects over to spf.google.com which has a list of acceptable IP addresses. I decided to go with Google's recommended method. I also decided to change the ~ which is a softfail to a - which is a fail. Using the tilde seems to be a precautionary measure which reduces the usefulness of the spec. It is interesting to note that the SPF Tool wizard generates SPF records with a ~ and so does GoDaddy's generator....... But oh well I'll live on the wild side :)
To implement my record I login to GoDaddy's Total DNS Control and click add new text record. For the TXT name I put "davidsilvasmith.com." and for the txt value I put "v=spf1 include:aspmx.googlemail.com -all" and a Time To Live (TTL) of 1 hour.
Then I validate my results by emailing
check-auth@verifier.port25.com.
Here are my results before implementing the changes:
SPF check: neutral
DomainKeys check: neutral
DKIM check: neutral
Sender-ID check: neutral
SpamAssassin check: ham
Here are the results after:
SPF check: pass
DomainKeys check: neutral
DKIM check: neutral
Sender-ID check: pass
SpamAssassin check: ham
Then I emailed my work account and got my email sent to the spam folder still. Rats.