6

So I just succesfully set up postfix + dovecot. is SPF enough to make sure emails get delivered to my website's users?

I don't want my emails to end up in their spam box.

Alex
  • 8,471
  • 26
  • 75
  • 99
  • While you can do things to improve the 'profile' of what you send so it doesn't look like spam to general automated tools, you need to understand that there is no way to be 100% sure you don't end up in people's spam folder. I own my mailbox, you don't. If you send me legitimate email that I signed up for, but I decide that all emails from people named "Alex" are spam because I'm crazy then you're going to end up in my spam filter no matter what you do. – Rob Moir May 02 '11 at 10:59

3 Answers3

5

No.

SPF is a mechanism for indicating which servers are allowed to send mail on your behalf. But it says nothing about whether or not YOU will be sending SPAM. And remember, it's the receiving server's decision what to do with the information it has and whether to accept your message -- they can make that decision based on any criteria they please.

Most servers take the following points into consideration:

  • The recipient's whitelist, blacklist, and/or addressbook
  • The content of the message
  • The "authenticity" of the message -- sender IP vs return address, MX records, SPF records, and DomainKeys factor in here
  • The "trustworthiness" of the sender's IP -- RBLs come in here, also the IP's country, ISP, and similar factors may be examined
  • The current and historical send rates of the sender's IP

That last point is one that many people don't take into consideration -- if you don't normally send much email, and then you send out a newsletter as a single "blast", your email will have a much lower delivery percentage. You're significantly better off sending out email in a constant flow with a slow ramp-up rather than sending out a single mass-mailing. When large companies need to alert their entire customer base about something (like Sony last week), it often takes days to get the message delivered to everyone.

tylerl
  • 15,055
  • 7
  • 51
  • 72
5

SPF can contribute depending on the way the recipient mail server has been setup. Generally I have seen it being used to weight a message as non spam, not act as a singularly decisive factor. DKIM will also help in the same way.

Having said that, the best way of your mail being treated as legitimate is to ensure to basics are covered

  • ensure the server is setup correctly, the server name (i.e. the name offered in the HELO/EHLO when you server delivers mail) is a valid FQDN
  • make sure the PTR record for the IP of server is set. It should (at the very least) have a valid PTR record, ideally it should match the server hostname (although not too many providers worry about a match. Your SPF record can specify both).
  • use a valid from address when sending mails for receiving servers that use sender verification (often www-data@server.x.z is the sender address for apache generated mail, but doesn't accept mail)
  • check that you aren't attempting to run a mail generating server on a provider range that is known to cause problems (EC2 elastic IP's gave us a fair amount of hassles - a few providers had blacklisted the entire range at one point due to spam problems. not sure if this is still the case)
  • check that your IP isn't listed on the commonly used RBL's (http://www.anti-abuse.org/multi-rbl-check/)
  • don't send spam (it's obvious, but you never know :)

you can check how a mail will be interrogated (with some handy DKIM and SPF validity checks) by sending an email to check-auth@verifier.port25.com - it will send back an automatic mail report.

Mark Regensberg
  • 1,411
  • 12
  • 14
3

There's no way to 100% certain that a legitimate email from your domain won't be treated as spam by some receiving domain or user.

Having valid SPF records is, however, a critical step in reducing the chance that emails from your domain will be treated as valid. You should also look at DKIM as another method.

Ward - Trying Codidact
  • 12,899
  • 28
  • 46
  • 59