We have enabled SPF
checks that enforce the policy of domain owners that have
declared which servers are authorized to send email for their
domains. SPF checking is enabled globally. Early next week we
will add an Account Manager configuration option to disable SPF
checking if you wish to accept email with a forged envelope
Like other MX restrictions, an Allow list entry can be used to
bypass SPF checks for a sender address, sender domain, IP address,
or an IP address range in CIDR notation.
During the first part of January we will be adding support for
checking incoming email with SPF
a mechanism that if widely adopted will reduce the ability for
spammers to forge envelope sender addresses. If case you haven't
noticed, most all spam is sent with a sender address that is
in no way connected to the spammer or the product being hyped.
Spammers forge domain names in spam runs because using their
own domain names would be suicide, the domain is blocked in
SPF is a mechanism that allows domain owners to publish DNS
records that declare which servers are authorized to send email
with their domain name in the envelope. Mail servers that
support SPF can reject email if it was not sent from an authorized
We urge all of our customers that own domain names that we
handle email for to publish SPF records. An SPF record is a
TXT record that declares our servers as being authorized to
send mail for the domain.
IN TXT "v=spf1 include:customer-spf.mxes.net -all"
SPF is still in flux but the record above will not change and
it will work for 99% of the customers we handle email for.
If a domain owner publishes the record above they have to send
email through the our servers and not 'forge' the envelope with
their domain name and send email through their ISPs mail servers.
Its impossible for a mail server that receives email with your
domain in the envelope to determine if this is a 'good forgery'
by you or a 'bad forgery' by a spammer.
Customers that send email from multiple servers can use this
you create an SPF record appropriate for your situation.
SPF is not a cure-all for spam but it will help. It will help
protect your domain from being forged in a spam run.