At 32, and in a long-term relationship, I seldom get a quiet night alone. On those rare occasions, I usually order in. Cooking for one isn’t too much fun.
Inevitably, the pizza delivery person will knock. Every time, without fail, I will peek through the eyehole to see who is at the door even though I’m expecting the arrival of the pizza (my girlfriend is lactose intolerant, and it’s the only chance I get to eat pizza).
I won’t open the door for the pizza I’m expecting without confirming that it’s the delivery person. The same way that I sought to authenticate the identity of the individual knocking on my door, Internet Service Providers (ISPs) do the same with your email campaigns.
What are SPF Records?
Sender Policy Framework (SPF) records ensure higher deliverability for your emails by allowing ISPs to trust the authenticity of your email.
In short, the ISP can trust the email is genuine and not fraudulently sent in your name, which is a common spammers’ trick. SPF is an email validation system that blocks spam in the form of spoofing. “Spoofers” commit mail fraud by sending mail from what appear to be trusted addresses to gain sensitive information.
If you are following email marketing best practices, your good reputation and verified identity should be enough to let the ISP know that your email is not spam and thus should be delivered.
Using SPF records, an administrator can choose which hosts may use a given domain by creating an SPF record in the public Domain Name System (DNS). The DNS can then be used to verify that email from a given domain is sent from a host approved by the domain’s administrators.
Why Does Benchmark Use SPF Records?
Benchmark Email creates a record on your behalf that shows the ISP that you are exactly who you say you are when your email is being sent. By adding an SPF to include Benchmark Email, you will authorize Benchmark to send on your behalf, by verifying that we are doing the sending with the SPF Record.
The single advantage of publishing an SPF Record is that Spammers and Phishers will not be able to forge the email sending domain. Spammers will not be able to pretend that they are sending mails from your domain name.
If they do, that mail will be caught by the Anti-Spam systems of the respective ISPs and the mail will land in the Junk or Spam folder. Thus by publishing an SPF record, you are making your domain spoof-proof.
Benchmark Email authenticates outgoing emails by using SPF and other authentication methods. You can find out more by reading our article on email authentication.
Further Understanding SPF Records
An SPF Record looks something like this:
“v=spf1 a mx -all”
In the SPF Record, you can determine which IP addresses and domains can send mails on behalf of your domain, preventing spoofing.
Let’s say you are a client of Benchmark Email and you are sending emails to your customers through the Benchmark Email platform. For better deliverability, you need to explicitly allow Benchmark Email to send mails to your customers on your behalf.
The SPF record for yourwebdomain.com should go in your DNS manager something like this:
yourwebdomain.com IN TXT “v=spf1 a mx ip4:1.2.3.4 include:thirdpartyespdomain.com -all”
In this scenario, 1.2.3.4 = the IP Address of your mail server or 3rd party ESP, like Benchmark Email. Furthermore, thirdpartyespdomain.com = the domain of the 3rd party ESP, such as Benchmark Email, or their relay mail server’s domain name.
Additional SPF Resources
We’ve put together a helpful FAQ that teaches you how to establish SPF Records with many different domain hosts.
You can get great help from the links given here:
Once you have published your SPF record as a DNS TXT record, you can test it by visiting the given links:
Bonus Section: DKIM
DomainKeys Identified Mail (DKIM) is the second factor that goes into authenticating an email address. DKIM grants an organization the responsibility for an email being delivered. DKIM may pertain to your business or your ESP. What DKIM does is it verifies a domain using cryptographic authentication.
Using an ESP like Benchmark, you will automatically have your emails authenticated with DKIM. You can take it up a notch and further improve your deliverability by enabling a DKIM CName, giving yourself double authentication. This lets ISPs know who you are and will assist you in building a sender reputation with your ESP as your co-signer.
Here’s what you’ll need:
- CNAME RECORD FOR DKIM: bmdeda._domainkey.yourdomain.net
- VALUE: bmdeda._domainkey.bmsend.com
We’ve put together a helpful FAQ to assist you with DKIM and various domain hosting companies.
Need Help?
Our customer engagement specialists are here to help if you have any questions or need any assistance with SPF Records. Contact us via phone, chat or email.