SPF setup for SMTP.com customers
This article will help you understand what SPF is, why you need it and how
to use this with SMTP.com.

If you have questions that this guide doesn't cover, please contact our
Support Team



What is SPF?
SPF is an anti-spoofing policy that designates which mail servers are
allowed to send mail on behalf of a domain. SPF is published in the
domain’s DNS records as a TXT record type and should include all mail
services used by the domain. Having a published SPF that passes validation
improves your sending reputation and increases your chances of your emails
getting into the inbox.



How SPF works? 
When the recipients' system is going to accept an email, it will check
whether the domain listed in the ENVELOPE gave permission to send mail to
the mail system that is sending that exact email message. It looks up the
domain’s DNS and based on the result of SPF processing, it will decide to
put the email message in the spam folder or reject it altogether.



Why do I need to include SMTP.com’s SPF? 
You may already have an SPF published, however, as long as it doesn’t have
SMTP.com included, the emails that you send through our service may not
reach the intended recipient or may have a lower chance of getting into the
inbox.



How do I check if my mail fails SPF validation?
There are third-party tools that check SPF validation, however, these tools
have varying degrees of reliability. The most reliable way would be to send
an email to an @gmail.com address for you to review the Email Headers. To do
this go to “...” within your email and select “Show Original” in the
web interface of gmail.com. The first few lines of the page will display the
status of SPF, DKIM, DMARC validation results and whether this is passing.



How to check if my domain already has an SPF policy?
You can run a “dig txt yourdomain.org” command in the command prompt and
read the results.

You can also use third-party tools such as Google’s DIG web tool to lookup
a TXT record and read it manually (look for a record that starts with
“v=spf1…”) or even a WiseTools’ authentication checks for an
automated check and review of your SPF.



How do I add SMTP.com to my SPF?
You will need to check if your domain already has an SPF policy published
(see ” above). If it does, you may see a record that may look something
like this:
	“v=spf1 a mx include:hosting.com ~all”

It could end with a “-all” or “?all” , but it will always start with a “v=spf1…”

To include SMTP.com you must EDIT that record in your domain’s DNS
settings and add the “include:_spf.smtp.com” before the “~all”
, for example like this:
	v=spf1 a mx include:hosting.com include:_spf.smtp.com ~all

If you have no SPF on your domain - you may ADD a new DNS record in your
domain’s DNS settings. Please make sure that the fields are configured as
follows:
	Name/Host: @
Type: TXT
TTL: 3600 (or default)
Value: “v=spf1 include:_spf.smtp.com ~all”

And save.

Please wait for up to an hour and check the SPF with the tools provided
above to make sure the record is set up correctly. You may also check the
Instructions on how to set up a valid SPF



How do I check that SMTP.com is 
properly included in my SPF?
One of the options is to use WiseTools’ and on the results page look for
two strings: “74.91.80.0/20” and “192.40.160.0/19”. If you can see
them on the SPF test results for your domain - the SMTP.com is included in
your SPF record.



What are the common issues I can face 
while setting up the SPF record? 

Including anything after the “all” mechanism in the record.
The “all” must be the last thing in the record - everything to the
right of it will be ignored by any service.
Using the “?all” method at the end of the SPF record.
The question mark is a “true neutral” qualifier that can be interpreted
in unpredictable ways by the recipient systems. We recommend using the
“~all” method instead. The tilde mark is also a “neutral” qualifier
but it’s less ambiguous and provides more chances for emails to be
accepted.
Using the “-all” method when not required.
The minus sign is restrictive and while it provides more security, you must
be absolutely sure that you have included all of the mail services you use
in the record before the “-all”. We recommend using “-all” only if
you are confident in this process.
Having several TXT records that begin with “v=spf1..” on a single
domain.
A single domain must have only one TXT SPF record, otherwise they will all
be treated as invalid by the recipient systems. If you have several records,
you can combine them by editing one and pasting values from the other. When
doing so please make sure there is only one “all” and only once
“v=spf1” in the record. After combining the records, the redundant one
can be safely removed. If you are unsure in the best way to combine the
records, please contact our Support Team
Having too many includes in the SPF record.
Every mechanism that is not explicitly listing any IP addresses is causing
a DNS query when analysing an SPF record. The standard is that an SPF record
should not force more than 10 lookups. Your SPF may need trimming. If so,
please contact our Support Team for assistance.
Setting up SPF for the FROM domain while having a completely different
ENVELOPE domain.
The SPF must be set up on the envelope domain, also known as from.5321, a
return-path or a bounce-address domain. If you are not sure what these are -
most likely your Envelope and From are the same, but best to check with your
marketer or IT personnel.




What if I don’t want to list all of 
the SMTP.com? 
If you would prefer not to list the whole SMTP.com range within your SPF,
you may opt to list only the IPs used for your account. Please note that
this option is only available to accounts with Dedicated IP Addresses. For
assistance, please contact our Support Team.