Email Deliverability: Part 1 – SPF Records

How do I Improve My Email Deliverability?

Email deliverability when hosting your email with a web hosting provider can be a tricky issue. Oftentimes, we see or hear about web hosting customers across the industry that have been having issues with their emails going to spam folders or being rejected completely. This series will discuss a few different processes for ensuring that your DNS records are set up properly to further improve your domain’s and shared/dedicated IP reputations. If you share an IP with other clients, as most do on Shared and Reseller web hosting, doing your part to ensure the reputation of an IP stays positive is being a good virtual neighbor.

We at ProResellerHost strive to help out others to improve their email reputation to ensure emails get to the right inboxes.

What Causes Emails to go to Spam Folders?

There are a number of possible reasons that your emails are going to Spam or Junk folders. Some of these reasons fall into the category of misconfiguration by your web host, by you, or by some other provider you may be using. Additionally, there may be causes that you have no control over, such as an IP being blacklisted. So let’s dig into these a bit more.

SPF is not setup or is misconfigured

Sender Policy Framework (SPF) is an email authentication technique that is used to prevent spammers from sending emails on behalf of your domain. This is to further restrict the ability of your domain email to be spoofed. An SPF record helps to specify exactly which mail servers are permitted to send an email on behalf of the domain. In this case, typically, unless you are having your email handled by a third party, you’ll want to have your SPF record showing your domains IP, permitting any MX records that you have configured to send mail on behalf of the domain, and any additional servers that you want to permit to send mail on behalf of your domain.

An excellent tool that we can recommend for SPF records is the Mimecast | dmarc analyzer website and their SPF Record Checker.

This is a great resource that we can recommend (but are not affiliated with in any way) as a way to understand more about SPF records and the basics of them.

How do I setup an SPF TXT record?

If you are a ProResellerHost client, use the following steps to create your own SPF record for your domain.

  1. Sign into the DirectAdmin control panel (details were sent in your service purchase email)
  2. Click on Account Manager
    1. If you have a Reseller Hosting service with us, you’ll need to switch your view to User instead of Reseller.
  3. Click DNS Management
  4. Check if you already have a TXT record starting with “v=spf1” .. if so, reconfigure that using the pencil icon on the right.
    1. If not, then click the Add Record button at the top-left of the DNS entries.
  5. Choose record type: TXT
  6. Leave the name field set to your primary domain
  7. Leave the TTL (Time To Live) as the default 3600, unless you have received specific directions to change it.
  8. Change TXT Record Type to SPF.
  9. Leave Redirect Domain blank
  10. Check “Allow servers listed as MX to send email for this domain” so that your mail server is automatically authorized.
  11. Check “Allow current IP address of the domain to send email for this domain” so you don’t have to worry about adding it again.
  12. Recommendation: Leave “Allow any hostname ending in {domain.tld} to send email for this domain” unchecked. This further reduces the likelihood of spammers causing issues for you, if another server was recognized as a MX sender of your domain.
  13. If you want any/all of the IP addresses that are assigned to your service specifically added, you can either add the individual IP addresses, or you can specify an IP address range in CIDR notation, such as 100.200.1.2/29.
  14. Enter the hostname of the server your website is hosted on as an additional sender. This reduces any issues from using SendMail PHP functions, rather than having any application specifically authenticate an email account.
    1. Recommendation: Leave this field blank and ensure that every application that is going to send email is authenticating against an existing email address for your domain.
  15. Include Domain: Leave blank. If you add another domain here, if that other domain is hijacked for any reason, your email reputation could be affected, due to searching this secondary/tertiary domain.
  16. Mode: Select the mode that you desire to fit best. Fail (hard fail), Soft Fail, or Neutral.
    1. Fail: Email will not be accepted at all and will be rejected, sending a report back to the sender with a technical explanation. This may cause issues if a senders email is not configured 100% correctly, or their reputation is not great. (not recommended)
    2. Recommended: Soft Fail: Your mail server does not want to accept this email as it has been marked as spam. You may find more email you receive going into spam folders with this setting, but you’ll at least get the email.
    3. Neutral: This mode specifies that nothing can be said about email validity; the mail server will accept email and deliver to Inbox even if it is spam. (not recommended)
  17. Verify the information in the Value box is as appears above, then click the Add button.
  18. Your SPF policy has been configured and setup properly. You may choose to validate this configuration with the above tools.

Series:

Conclusion

I know that this may not be the easiest tutorial to follow, and maybe something you want your web hosting provider or someone more technically savvy to work on. Getting the settings right for your DNS records ensures that you have a higher probability of success with sending emails to outside recipients. If you are still struggling to get your DNS entries correct, please feel free to submit a ticket or to email us ([email protected]) for assistance.

Copyright © 2021 ProResellserHost, LLC - ProResellerHost.com. All rights reserved.