Page tree
Skip to end of metadata
Go to start of metadata


Sender Policy Framework (SPF) and Domain Keys Identified Mail (DKIM) are ways for a receiving mail server to verify email messages as authentic to help prevent spam.

Your own domain

We are only able to send authorised emails if you have your own domain name, e.g. mycompany.com. We are unable to send emails on behalf of other company emails like;

  • @gmail.com
  • @hotmail.com
  • @outlook.com
  • etc, etc.

This also affects using your ISP's (Internet Service Provider) free provided emails (e.g. @bigpond.com , @optusnet.com, etc.)

 

Spam and Whitelists

Even though clients go through this process they may have clients using Office365 that may require our mail server IPs added to their whitelist or they may need to adjust their spam policy. We have links to documentation here:


Configuring SPF and DKIM

SPF and DKIM records authorises our mail server to send mail on your behalf and must be entered on your DNS server. If SPF and DKIM settings are not configured correctly, our mail server will deliver email "on behalf of" rather than the email coming from the sender's email address.

Spam that's not Spam.

Sometimes receiving email servers or anti-spam software interpret email sent "on behalf of" as spam and this can prevent the email from being delivered.

Please send this page link to your IT Administrator and ask them to configure the SPF and DKIM records on your DNS server:  Configuring SPF and DKIM

About SPF and DKIM

The following is more of a technical explanation of what SPF and DKIM settings are.

 

SPF

Sender Policy Framework (SPF) is a simple validation system designed to check that incoming mail from a domain is being sent from an email server authorised by that domain's administrators.  The list of authorised email servers are entered as TXT records on the DNS server.

For more information about SPF, please see the Sender Policy Framework Wikipedia article.

DKIM

DomainKeys Identified Mail (DKIM) is designed to detect email spoofing by allow receiving mail servers check that incoming mail from a domain is authorised by that domain's administrators. A digital signature included with the message can be validated by the recipient to help identify the sender of the email.

DKIM is configured by adding the appropriate digital signature key as a TXT record on the DNS server.

For more information about DKIM, please see the Domain Keys Identified Mail Wikipedia article.

 

Checking and Testing SPF and DKIM

You can check your SPF and DKIM records by using the following links:

SPF Record Testing Tools
Enter your domain name in the first text box and click Get SPF Record.

Check a published DKIM Core Key
Enter mandrill as the selector and your domain name.