Forums / Tips & Tricks / SPF Records and Spam Control
SPF Records and Spam Control
Submitted Jul 30 by Morten Primdahl
If you experience that emails from your Zendesk account tend to end up in spam filters, here's a tip for those of you who do not use the standard reply address (ie. the youraccount.zendesk.com domain in the reply address under Accounts/Mails and domains).
Add an SPF (Sender Policy Framework) record. An SPF record is a DNS TXT record which designates the SMTP servers that are authorized to send emails for your domain. Case in point, our SPF records look like this:
morten@flake ~ $ dig -tTXT support.zendesk.com|grep spf
support.zendesk.com. 3559 IN TXT "v=spf1 include:_spf.ey05.engineyard.com ip4:65.74.185.41 ~all"
If you have eg. support@youraccount.com as the reply address for outbound emails, you should also add a DNS TXT entry for the domain name youraccount.com, containing the following:
v=spf1 include:support.zendesk.com ~all
Once the recipient email server gets an email and can validate that the email is from a server that's specified under the sender domain, it can rule out that the email has a forged "from" address.
Read more about SPF here http://en.wikipedia.org/wiki/Sender_Policy_Framework and here http://www.openspf.org/
Update 2008.12.03:This entry was rewritten to reflect Francois suggestion in the comment.
Comments
If I may, Zendesk's clients would probably be better to use "v=spf1 include:support.zendesk.com ~all". That way, if you decide to change your sending servers at some point, you won't have to require Zendesk's clients change their DNS settings.
Very nice Francois! Input from the CakeMail rock stars is always very welcome :-)
To other curious readers, what Francois proposes is that you configure your SPF record such that it looks up the SPF record for support.zendesk.com and allows the SMTP servers defined by us, rather than "hard coding" our current configuration as I proposed above. Very elegant. Thanks.