To publish an SPF record, you will need access to your domain’s DNS control panel. If you are using a hosting provider, this process is fairly straightforward – just check their technical documentation. If you are unsure how to do this, you can contact support team or your domain administrator for assistance.
To learn how SPF works and why it is such an important security feature, read the article “What is SPF and how to configure it for a domain?”
Start by gathering a list of all domains you own, as you need to update or prepare a new, separate SPF record for each domain. Make sure you also include inactive (aka parked) domains that do not send emails, to also protect them from abuse and potential phishing.
Identify all services which send messages on behalf of your domain(s), including external tools. This includes:
IMPORTANT: If the SPF record does not include all services or servers sending mails on behalf of your domain, receiving servers may direct messages into spam. Remember to update your record after any change in IP or sending tool.
The SPF is expressed as a single string of text, published as a DNS TXT. It consists a list of values (usually IP addresses and domain names) and tags, i.e. various mechanisms and modifiers.
Each domain must have only one SPF record.
Remember, your new SPF record may require up to 48 hours to take effect.
For example: v=spf1 ip4:192.0.2.0 ip6:2001:db8: :cd30
! The given value is an example and does not point to specifics of EmailLabs servers.
For example: v=spf1 ip4:192.0.2.0 ip6:2001:db8: :cd30 include:domainname.com
To authorize EmailLabs to send emails on behalf of your domain, add the following entry to your SPF TXT record:
include:_spf.emaillabs.co
Receiving server checks wheter an IP from which the message was sent is indicated in ip4/ip6 or whether it matches servers pointed by “include” mechanism.
Note: A single SPF record cannot have more than 255 character-string and should not contain more than 10 lookups to other domains or servers. Each parameter should be separated by a space.
// Instruction above presents only a basic overview of the mechanisms that an SPF record can be composed with. You may find records that also include ptr, exists or redirect mechanisms//
“All” mechanism (always matches) is placed at the end of the SPF record. It indicates what policy and how strictly it should be applied when the receiving server detects a sender that is not authorized in your SPF record.
The “all” mechanism can contain various qualifiers:
For example: v=spf1 ip4:192.0.2.0 ip6:2001:db8: :cd30 include:domainname.com ~all
Mechanisms listed after the “all” will be ignored, so remember to put it at the very end of the record.
In addition to SPF, we also recommend configuring DKIM and DMARC. The above authentication methods provide enhanced domain security and increase the likelihood of proper delivery of Emails to the recipient’s mailbox.
How Apple Mail privacy updates affect email open rates? Although the new privacy policy for Apple users was already introduced in September 2021 (with the launch of iOS 15...
Best practices, Dobre praktyki, Transactional Emails
mBank was the first bank in our country to declare war on cybercriminals’ activities and implement sender authentication in the most popular mailboxes used by their customers. These solutions...
Sociotechnic, or in other words social engineering, is any action that influences another individual in order to persuade him to take certain actions, which may not be in his...
Best practices, Converion Rate, Dobre praktyki
Promotional emails usually contain a significant amount of information – we are talking here not only about the content, but also graphics presenting the products covered by the promotion,...
Ignoring the mistakes made in previous years and failing to learn the right lessons are the main ‘sins’ of marketers preparing campaigns for Black Friday – a day considered...
Vercom S.A. public company, to which the EmailLabs project belongs, has successfully completed the ISO 27001 Surveillance Audit and ISO 27018 Certification. Both audits confirm that organization’s information security...
We’re launching our CyberLabs series on the latest news from the cybersecurity world. Based on practical examples, our pentester will give tips on how to prepare for potential threats...
Antispam, Best practices, BIMI
The AuthIndicators Working Group (BIMI Group) recently announced that Apple systems such as iOS 16, iPadOS 16, and macOS Ventura will support BIMI starting this fall. Thus, the infographic showing...
Email marketing communication needs to be properly handled to be effective. Apart from technical matters, building positive subscriber engagement with email communication is very crucial. Nowadays, consumers feel overwhelmed...
An ESP (Email Service Provider) is a software-based service for email distribution, often based on its servers, optimized for high (mass) traffic. Many of them enable integration with CRM...
Best practices, Deliverability
What is email deliverability? While talking to eCommerce store owners, marketing specialists, or reading various reports on email communication, you may often get the impression that the main criteria...
Vercom, to which EmailLabs belongs, is a European company, fully compliant with the provisions of GDPR and based solely on its own servers located in CEE. We provide our...
With the emergence of the Covid-19 pandemic, many brands have been challenged to adapt in a short period to the changed reality and new consumer attitudes. That meant reorganizing...
How to avoid having my messages stopped by the spam filter? Your customers’ inbox certainly has protection set up to prevent unwanted emails. However, to pass their validation, you...
Converion Rate, Dobre praktyki, Open Rate
For many years, one of the most frequently monitored metrics of the effectiveness of email campaigns has been the open rate, i.e. the ratio of messages opened to messages...
Email security is an essential element that every company needs to ensure during the era of evolving cybercrime. Attacks by hackers on business entities very often target precisely email...