As the online systems and assets of every business grow and email spammers get better at their craft, successful email delivery is becoming a bigger and bigger problem. At AssetLab, we’ve struggled with delivery because the .us domain names are considered to have higher email spam risk, and we send email with our domain from countless client websites, email marketing tools, and we have our own corporate emails.

The best and easiest way to improve email delivery is to include a properly setup SPF record (Sender Policy Framework).

SPF records are a DNS record that determines where mail appearing from your domain is allowed to originate from. Using SPF records properly makes email spoofing much less likely and reduces spam scores from email servers receiving your emails.

You may need to include the following in an SPF record:

  • Website Hosting (GoDaddy, BlueHost, HostGator, WPEngine, AssetLab Hosting)
  • Email Marketing (MailChimp, ConstantContact, Aweber, ConvertKit)
  • Corporate Email (Google G Suite, Office 365, GoDaddy)
  • Accounting & Invoicing (Quickbooks Online, Freshbooks)
  • Customer Relationship Manager (Salesforce, Microsoft Dynamics, Zoho, HubSpot)

Need Help With Email Delivery?

The AssetLab Team can help you troubleshoot email deilvery problems. Click the button below to get in touch.

How SPF Records Work

SPR Records indicate to mail servers which servers they will receive legitimate email from. Depending on how the SPF record is setup an email coming from a server not on the list may be simply dropped, or it may be processed in a way that spam filters are much more likely to pick them up.

There are several parts to an SPF record:

  1. The part that indicates it is an SPF record (i.e. v=spf1)
  2. The part that indicates which servers are legitimate (i.e. +a + mx)
  3. The part that directs what to do when a receiving from an unlisted server (i.e. -all)

Want to see the AssetLab.us SPF record? Click here to be taken to the MXToolkit lookup for our domain.

Creating A SPF Record

Here’s a simple SPF record:

v=spf1 a mx -all

This means “Any email from my domain name or the email servers listed in my DNS records should be processed. All others should be dropped.”

Let’s break this down so you understand the pieces and can handle a more complex record. Here are the pieces:

  • “v=spf1” is the indicator that this is an SPF record
  • “a mx” means that any server in listed as a DNS A record or DNS MX records list is valid for sending email. (There is an implied “+” in front of those two, you could also use a “-” to specifically exclude a server)
  • “-all” means if no other sending server match exist then an email should be dropped. There are a few other options as welll including “~” which is a soft failure, “+” means pass, “-” means fail, “?” means neutral

What else can we add or do with an SPF record?

  • include: means lookup the rules from another domain name and include them as if they were included here
  • ip4: means lookup and use the rules for this ip4 IP address
  • ip6: means lookup and use the rules for this ip6 IP address

So, now let’s include GoDaddy hosting and MailChimp and put together an SPF record:

v=spf1 a mx include:servers.mcsv.net include:secureserver.net ~all

The two parts we added and one I changed are:

  • include:servers.mcsv.net: The MailChimp mail server, and
  • include:secureserver.net: The GoDaddy hosting mail server
  • ~all: Notice I changed to a soft-fail, which is more practical when clients can sign up for a new system that send email any time, without notice

Common SPF Record Includes For Online Systems

WPEngine – User Portal

include:sendgrid.net

WPEngine – WordPress Email

include:mailgun.org

GoDaddy

include:secureserver.net

AssetLab Hosting

include:mailgun.org include:secureserver.net

Mandrill

include:spf.mandrillapp.com

MailGun

include:mailgun.org

SendGrid

include:sendgrid.net

Google G Suite / Google Apps

include:_spf.google.com

Office 365 (See Documentation)

include:spf.protection.outlook.com

MailChimp

include:servers.mcsv.net

ConstantContact

include:spf.constantcontact.com

FreshBooks

include:_spf.freshbooks.com

QuickBooks Online

ip4:206.154.105.160/27 ip4:199.16.139.16/28 ip4:206.108.40.0/25

Keep the number of records to a minimum, they must generate less than 10 DNS lookups.

Using this information you can create an SPF record and add it to the DNS settings for your domain. To do so you create a new TXT record with the host specified as “@” and the SPF record goes in the text of the TXT record.

Once that has applied, use a MXToolbox SPF Validation Tool to verify you have created what you intended.

Need Help Setting Up The SPF Record Or With Email Delivery?

The AssetLab Team can help you troubleshoot email deilvery problems. Click the button below to get in touch.

Pro Tips For Creating SPF Records For Your Clients

SPF records, if setup poorly, can cause all email for an organization to go to SPAM folders or be dropped by email servers. This is extremely bad but easily identified. Just ask the client to reply to an email from you, or send an email to you, once an SPF change has taken effect.

Worse is the situation when, after an SPF change, certain emails get dropped or go to spam, but not all. This is much harder to identify and troubleshoot.

Our best practices when adjusting SPF records are:

  • Use a ~all, not a -all to improve delivery for systems not listed in the SPF record
  • Roll out a change with pre and post change communication and then verification that standard emails are working all within 30-60 minutes. Recheck with the client a couple hours later.

About The Author

Jeff Kelly started AssetLab Marketing to help businesses sell more by increasing the number of leads, calls, and sales coming from their website, social media, and online advertising.