Improving SPF Compliance

SPF can be a huge benefit to your email delivery.  SPF, in short, lets you state who you trust to send your email.  The more email sent on your behalf that complies with your SPF rules, the more of your email will be accepted by email inbox providers and your intended recipients.

How does SPF work?

SPF is a DNS record type that gives you the option to declare all the IP addresses, domains and 3rd party providers that you use, and also limit the list of valid emailers to only what you list.  By setting these limits, you could shut down potential fraud, spoofing or phishing threats and improve your reputation with customers and vendors.  Spoofing and phishing scams are incredibly common place, even using credentials from legitimate small and medium sized businesses.  Email that is SPF compliant is more likely to get to a customer’s inbox.

How can you improve SPF Compliance?

First, you need to understand what your compliance rate is.   To get your compliance rate, you’ll need to elicit feedback from your recipients.  Fortunately, you can do this by setting up a DMARC record, something that MxToolbox can help you with.  DMARC records include an RUA declaration which defines who gets SPF and DKIM compliance information about your email.

Compliance digests can be cumbersome to read, process and understand, especially if you have more than a very small volume of outbound email.  Getting help processing these files, like with MxToolbox Delivery Center, is a necessity.  However, once decoded, you’ll get information about ALL the IP addresses and Domains that send email on your behalf and how much of that email volume complies with SPF or DKIM.  Now’s the time to consider how to improve compliance:

  1. Take note of IP addresses and domains that are low in compliance
  2. For each IP address and domain, investigate the origin
    • Is the domain an email partner that wasn’t included in your SPF record?  Commonly, CRMs, Email Marketing, Marketing Automation, Order Management and Customer Support/Ticketing Systems send email on your behalf.
    • Does the IP address belong to you, an existing partner or a new email partner?  It is common for partners to add a new IP range from time to time.
    • Does the IP address belong to a forwarder one your partners uses?  Forwarders are more difficult to track down but you may need to investigate or change your contract terms.
    • Can you trace the IP address to a place you don’t do business or a location of frequent scammers?  It is frequent
  3. For valid IP addresses and domains, add them to your SPF (or negotiate with the department that hired them to stop using that service)
  4. For invalid IP addresses, there are options you can take through DMARC to instruct your recipients to reject SPF-non-compliant email.

This is an iterative and continuous process.  New services will be added and IP addresses change all the time.   SPF Compliance requires regular review of your DMARC digests and statistics.  However, all this work will improve your email delivery and your online reputation.

MxToolbox Delivery Center is your solution for managing SPF and DKIM compliance and understanding the complexity of DMARC setup.  MxToolbox experts developed Delivery Center to help customers like you improve email deliverability, manage their online reputation and head off fraud and phishing issues.