For our support team, SPF-related questions crop up a lot! It’s been several years since we switched from SPF/DKIM verification to VERP (Variable Envelope Return Path) and we’re still doing all the SPF bizzle behind the scenes!
What is SPF (Sender Policy Framework Record)?
Updating your SPF record is extremely important when using an external SMTP provider. When your emails arrive at an incoming server, the incoming server will check the SPF record again to see ‘who’ has permission to send on a domain’s behalf. SMTP2GO implements a clever method of SPF checking using a CNAME instead. This gives many advantages over the standard SPF record, including better security and easy DNS verification.
What the VERP?
SMTP2GO now sends mail with a return-path email address at a subdomain of your sender domain name (all of the necessary information and CNAME values can be found within the Verified Senders section of your dashboard).
For maximum email delivery rates and better branding, you’re required to add any domain names (that you send emails from) to the Sending > Verified Senders page. Adding a sender domain and updating the sending domain’s CNAME records means that SPF and DKIM are automatically handled by us.
Previously, we would simply send emails using the exact same return-path email address as the one in your ‘From’ header. As the SPF protocol checks the domain name of the return-path email address, it will pass as there will be a CNAME pointing to us (and we maintain a correct SPF record at the subdomain it points to).
In a nutshell…
The return.smtp2go.net CNAME record handles the SPF verification for your domain. This is the new industry standard means of verification and does not require you to include us on your own publicly available SPF, which makes things more secure!
Once the CNAME records for the sender domain have been updated correctly (within the DNS provider’s dashboard), your domain will show as ‘Verified’ on your Verified Senders page.
If the domain is not verifying, however, one possible problem could be that you have multiple DNS servers, and one or more of them are not reporting the correct result.
It’s still not verifying… What can I do?
You can search for cname:hostname.com:all at MxToolbox, which will show the results from each of your individual DNS servers. Make sure to replace hostname.com with the particular CNAME hostname that you are trying to verify (e.g. em100.yourdomain.com). You can also hover your mouse over the red/orange exclamation symbol on the Sender Domains page to see any error message in a tooltip.
