Email Sender Policy Framework Setup

It is important for organisations using the jnet Portal to set up their email systems so that emails sent from the portal on behalf of the organisation are not marked as spam by recipients.

When emails arrive in a recipient's inbox, spam filtering software will examine the domain records for each email in order to try and determine whether it has been sent from a valid source. Most domain records include a Sender Policy Framework (SPF) entry, which states which servers are valid for sending email from that domain. The spam filters can query these SPF entries and then make a determination as to the validity of the email.

  • If there is no SPF record present, the spam filter will usually mark the email as "neutral"
  • If there is an SPF record present, and the email does not come from one of the listed valid servers, the email may be marked as "spam"
  • If present, only if the SPF record explicitly states that the source server is valid will the email be marked as having passed the test.

Spam software will likely redirect mails marked as spam to the junk folder, but in some cases even mail marked as neutral will be sent to junk.

It is therefore very important to add an appropriate SPF record so that automated emails sent from the Portal using the organisation's domain are treated as valid. Note that passing SPF alone may not guarantee that the email will not fall foul of another of the spam filter's rules, but the chances are vastly increased.

To add an SPF record, a TXT record should be added to the (advanced) DNS record for the organisation's domain. A typical example is below:

v=spf1 a include:jnetapp.co.uk ~all

The above record firstly declares the version of SPF that it is using, with the string "v=spf1". Next it specifies that all A records for the domain in question are valid, with the string "a". Next it specifies that the SPF records already existing on jnetapp.co.uk should be taken as valid for this domain as well. Lastly it specifies that all other senders should be regarded as neutral.

When ensuring that an SPF record is compatible with jnet's portal, the key criterion is that "include:jnetapp.co.uk" should be added to the record. All other aspects of the record can remain client specific.

These records can be somewhat complex and their implementation can be critical to a company's email functionality so ideally such changes should only be attempted by a suitably qualified individual.