Knowledgebase
Knowledgebase: E-mails
Using SPF records in your domain template to combat spam
Posted by Nick on 11 July 2012 02:07 PM
We recommend customers add a SPF rule to their domain name(s) to combat spam and to assist we have the following predefined rules which will whitelist our servers accordingly.

This will make it easier for you to deploy a SPF rule on your domain where you wish to use our services for sending email.

We have created a DNS entry for _spf.webbase.net.nz as per below;

_spf.webbase.net.nz. 3600 IN TXT "v=spf1 ip4:119.47.119.0/24 ip4:119.47.118.0/24 ip4:119.47.124.0/24 ip4:119.47.113.0/24 ip4:119.47.124.0/24 ip4:202.89.57.0/24 ~all"

This will whitelist all of Webbase's shared hosting systems.

You can implement this by adding the following TXT record to your domain name record;

@ TXT "v=spf1 include:_spf.webbase.net.nz ~all"

If you have an existing SPF record, then you can just the include:_spf.webbase.net.nz section to your existing SPF record to include Webbase's systems. For example;

@ TXT "v=spf1 a mx include:_spf.webbase.net.nz ~all"

The ~all qualifier will soft fail messages that do not originate from one of the IPs listed above. This means the message will most likely arrive at the recipient's system but be tagged as Spam.

Further reading;
http://www.openspf.org/
http://en.wikipedia.org/wiki/Sender_Policy_Framework
http://support.google.com/a/bin/answer.py?hl=en&answer=33786

Checking the SPF rules work can be done by looking at the source of the message. Below is a before and after look at the SPF check done by Webbase.

Before:
X-Spam-Status: No, score=1.0 required=5.0 tests=SPF_SOFTFAIL

After:
X-Spam-Status: No, score=-0.0 required=5.0 tests=SPF_PASS autolearn=disabled
(26 vote(s))
Helpful
Not helpful

Comments (0)