Monthly Archives: June 2008

Do I Need to Include My Autoresponders SPF Record in My DNS?

Email Delivery: Should I Add My Autoresponder’s SPF Records to My Domain?

I recently ran across a post that claimed that by adding the SPF records of the writers autoresponder (in this case AWeber) that he expected to get past being blocked by a Canadian ISP. This is complete crap because any authentication technology associates the email in question with the sending domain and IP address not the email from address or the return email address.

I even contacted AWeber’s CEO Tom Kulzer with this scenario just to be absolutely sure and here is the email excerpt.

Chris Lang wrote:

Let’s say that an ISP receives my email from AWeber with my from address and reply address in the header. Do they look at my SPF record to see if I have a SPF DNS entry associated with your (my autoresponder) email servers?

Tom Kulzer said

They look at aweber.com SPF records.

Chris:

Also is all email sent from AWeber under the address keywebdata (at) aweber.com sent from the same IP address everytime?

Tom Kulzer:

It’s not sent from the same single IP, but load balanced across the same range of IP addresses. Those ranges can all be found in our SPF record directly or in our FAQ on the website.

Chris:

In other words does it matter if authentication records associate my domain and from address with yours?

Tom:

Does sending from the same single IP matter? No.

Does sending from the same group of IP’s matter that have an excellent reputation and reliable volume of mail built over a long period of time matter? Absolutely, yes.

Chris:

Also is there any data to support a higher delivery rate due to the use of SPF, Sender Id and DKIM?

Tom:

Not that I’ve seen which clearly shows this, but general industry knowledge of how various ISP’s build reputations
of senders and make delivery choices tells me it does help support higher delivery rates.

Chris:

Tom you have been a wealth of information on email delivery to us all many times, I just want to thank you again for taking time away from your business to set us straight.

Email Delivery and Your Email Reputation: Don’t Call Yourself a Spammer

How could you possibly ruin your Email Delivery and mark your own email IP address as sending spam?

Yes you really can be clicking the “This is Spam” button on yourself. It happens quite easily and you may have already done this yourself.

The problem is that an automated spam filter is simply unable to determine what is spam and what is a forward. Here’s a break down of the problem using Comcast as an example.

You setup an auto forwarder from your domain to your Comcast email account. This also occurs often when you forward email from your work email account.

You are forwarding mail from you@yourdomain.com to you@Comcast.com.

When your customers send emails to you@yourdomain.com the email gets forwarded to you@Comcast.com

One day you receive some spam at you@yourdomain.com, which was auto forwarded directly from you@Comcast.com.

You open your you@Comcast.com mail box and see the spam, so you click to “Mark it as SPAM” and add it to your Comcast spam filter . You have just entered a spam complaint against your own email server! Comcast’s spam filter does not register the originator of the email as the spammer – instead, it registers the last place the email came from as the Spammer and in this case and the last place the email came from is your email server which is the outgoing email server for hosts you@yourdomain.com.

Comcast will then blacklist the entire mail server so that no one can send email to any Comcast email accounts.

They will then contact your host and ask that your domain be deleted.

Until then Comcast will block all email from the outgoing SMTP servers associated with your server (thru reverse DNS).

Solution

What do I need to do you ask?

You need to login to your email admin on your domain and go through your email accounts and take off any forwarding that forwards email to any account or any other ISP.

Also check to make sure your email Alias is not forwarding to any email account or any other ISP.

Although it might be an inconvenience to many, I think this decision is necessary to protect our mail servers from being blacklisted by ISPs in this way.

Verizon, Comcast or AOL certainly do nothing to investigate the source of the spam and would rather shut down a server than take a minute to check it out.

Please note, this does not mean you cannot send emails to Verizon, Comcast, AOL or other ISP based email accounts. This simply means you should not set your email account to auto forward emails. You will still be able to compose your own email to ISP users, and you will be able to forward an email to those users from your mailbox manually.