More on SPF and Sender ID

6 minute read

It occurred to me that following Tamara’s excellent post last week that perhaps we should expand a little on SPF (that’s Sender Policy Framework) and sender ID. So just in case these terms are still leaving you confused – here’s a quick guide.
A quick introduction to Sender ID and SPF.

Email send

 

Email delivery can be a complicated business. If you have an account with Sign-Up.to, we take care of a lot of the trickier aspects, (or if you use another email service provider they should do the same) but there are a few things you can do to help to improve the likelihood of your emails reaching the inbox. Here’s a quick guide to Sender ID and SPF – two mechanisms which help to boost delivery rates.

What is SPF / Sender ID?

SPF (Sender Policy Framework) and Sender ID are two slightly different ways that servers receiving email can verify that the person sending the message is allowed to send emails from that domain name.

So what’s the difference between SPF and Sender ID?

Well, SPF validates the originating email address of a message. This is not always the same as the ‘from’ address as it relates to the actual server sending the message. SPF has been widely adopted by the major ESPs such as Gmail, Hotmail, AOL and Yahoo.

Sender ID validates the actual ‘from’ address of the email. Update of Sender ID among ESPs have been low, with AOL being the only larger ESP adopting it.

So should I use SPF or Sender ID?

Due to the lack of update of Sender ID amongst the major ESPs, we recommend using SPF. SPF adds an extra layer of security to email. It makes it much more difficult to send email from forged addresses, a favourite trick of spammers and scammers. By adopting SPF, legitimate email can be more easily separated from junk.

SPF affects everyone who sends marketing emails. Major ESPs like Hotmail and Gmail use SPF to screen emails. If an email is received which does not have an SPF record set then it is highly likely to end up in the junk/spam folder, and may even not be delivered at all.
If an email is received from an address with an SPF record but from a system that is not listed in the record, it is sent to the junk/spam folder or not delivered at all.

If you are sending email from an email marketing system like Sign-Up.to you need to ensure that the system is listed in the SPF record for your domain name, as this will help to maximise the delivery rate of your campaign.

An SPF record is a small piece of text that is stored in the DNS record of your domain name. This text explains which servers are allowed to send email on your behalf. When a system receives email from you, it looks up this record and checks it against the details of the server that sent your message. As only the owner of a domain name can alter its DNS record, this is a fairly secure way to manage this information.

How do I create an SPF record?

1. Access the DNS record of your domain name. This will usually be through the company you registered your domain name with, or your web hosting/design company. You need to check that this company supports creating a TXT record in your DNS. If they don’t, you will need to move your DNS to another provider like http://zoneedit.com. This doesn’t mean that you will need to change your web host, just your DNS provider.

2. Create a TXT record. You can use various online wizards to generate a TXT record for you. To allow Sign-Up.to to send on your behalf, the TXT record (for the domain example.com) would look something like this:

Name: example.com
Type: TXT
Value: “v=spf1 include:sign-up.to -all”
TTL: 86400

3. Add the TXT record to your DNS. When you have your TXT record, you will need to add it into your DNS record. It should detect that you have a record set. Note that in some cases it may take 24-48 hours before your new record shows up.

If you send a lot of emails to ESPs which use Sender ID instead of SPF (such as Bell Canada or AT&T addresses), we would recommend adding a Sender ID record to the SPF record. This will look the same as above, except the value is slightly different:

Value: “v=spf1 include:sign-up.to -all spf2.0/pra include:sign-up.to –all”

I don’t have my own domain name; can I still use SPF or Sender ID?

Short answer – No – you have to control the domain name to set the SPF or Sender ID. As such you cannot send out emails from free email addresses (hotmail.com etc.) through systems like Sign-Up.to.