Preventing Email Spoofing
A few years ago Microsoft implemented an additional check on their MSN Hotmail servers and in Windows Live Mail that uses Sender ID technology (aka 'SPF Record') as part of their process of determining whether or not to deliver, quarantine or stop an email sent to a Microsoft email account. Update: this now includes outlook.com email accounts.
Checking whether an IP address / domain can send on behalf of another domain is very important to prevent people pretending to send emails from a particular domain or email address, otherwise known as spoofing.
Update: many other cloud-based email providers, and other email gateways, now also check the SPF record of the sending domain prior to delivering emails into the inbox.
Please note, this is just one of the checks applied to emails being delivered to email accounts. The "spam rating" applied to emails from a particular source is also dependent on factors such as number of complaints about the sender, complaints about the website addresses included in your email message, volume of emails being sent over what time period, whether the sender continues to send emails to the same invalid email address, to name a few. Sending emails through Enudge or another reputable email solution will actually enhance your deliverability, as described in this article: Warning! bulk emails sent from your PC can reduce email deliverability
How does Sender ID / SPF Record work?
The email gateway receiving an email to be delivered to an inbox within their control checks to see whether the sending server (by domain or IP address) is listed as a valid sender for the sending domain. For instance, an email coming from my Contact Point email address (hmaloney@contactpoint.com.au) to joecitizen@hotmail.com will be sent from one IP address if the email is sent from my desktop Outlook software - the IP address of our email service provider, and a different IP address if the email was sent as part of an Enudge email campaign, even though the sending email address is the same.
Many organisations send email from an email server located on a different server to their website domain, so you should have a valid SPF Record for emails sent from your desktop computer, as well as for those sent via Enudge, to ensure their delivery.
How to Add Enudge to Your Domain Record
It is a very simply process to ensure that your domain identifies Enudge as a valid sender of emails from your domain.
If you have an SPF record set for your root domain (i.e. yourdomain.com), you must add include:enudge.com.au before the 'all' mechanism of this record. If you do not have an SPF record for your domain you must create a TXT record with the following value:
v=spf1 include:enudge.com.au ~all
The person who controls the setup of your domain name should be able to add or edit your SPF record in minutes.
It is important that you do not create more than one SPF record for your domain. If multiple domains need to be allowed to send on behalf of your domain they need to be merged within the one record. See the below for an example:
v=spf1 a mx include:spf.protection.outlook.com ~all
would need to be changed to:
v=spf1 a mx include:spf.protection.outlook.com include:enudge.com.au ~all
If you have a dedicated Enudge server, you can add the IP address of the server to your SPF record instead, using this format (using the above example again):
v=spf1 a mx include:spf.protection.outlook.com ip4:xxx.xxx.xxx.xxx ~all
(the x's of course being replaced by your particular server's IP address)
You may like to try using this online tool to help you create a correct SPF record: https://www.spfwizard.net
If you are having trouble arranging the change of your SPF record, we will be happy to assist you.