The majority of email spam on the Internet originates from forged addresses because SMTP allows any computer to send emails claiming to be from anyone.
For instance, a spammer can put your email address in the “From” field when sending out bulk emails and the recipients may therefore incorrectly assume that the mail is coming from you. If any of them chooses to report that spoofed message as spam, its your email address that will be affected in the long run.
Authenticate your Google Apps Domain with SPF
To prevent spammers from forging the “From” field of their bulk messages with your email address, you can consider using a validation system like SPF (short for Sender Policy Framework). It basically allows the email recipients to verify that the server sending the email is authorized to send email on behalf of the domain that is found in the sender’s email address.
Let me explain. If the IP address of my mail server is 1.2.3.4, I can add an SPF record to my web domain saying that all messages coming from this particular IP address. ISPs can match the mail server address mentioned in my domain’s SPF record against the one present in my emails and accordingly pass or bounce messages to their customers.
How to Implement SPF in Google Apps and Gmail
Let’s say you have a Google Apps domain at xyz.com and you are using the Gmail service for your incoming and outgoing email.
To add an SPF record to your domain, open the page from where you can edit your domain’s DNS records. Then add a new DNS record of type “TXT” and set the value as
v=spf1 include:_spf.google.com ~all
Save the changes and this new DNS record should propagate across the Internet within the next few hours. If you are interested in the technical details, here they are are:
The entry _spf.google.com means that any server that is allowed to send mail from the IP addresses of Google Apps mail servers is also allowed to send mail from labnol.org. The ~alldirective means that email messages that are not sent from an approved server should still be accepted but may be subjected to greater scrutiny.
How to Check SPF Records of your Google Apps Domain
To ensure that your SPF record has been successfully added to your web domain, fire your command prompt and run the nslookup command in the following sequence:
- nslookup
- set query=txt
- xyz.com –> replace this with your domain name
If the answer contains the google.com string that you have added in the previous step, it indicates that SPF is successfully enabled for your Google Apps / Gmail.
Verify SPF Records with an Email Message
Finally, to verify that your SPF record is live and working, just send a blank email message tospf-test@openspf.org and check-auth@verifier.port25.com from your Gmail address.
These services will send you an instant reply containing the results of the SPF check – see example. If you see a “pass” against the SPF check, that means things are in place and it should prevent your Gmail messages from getting rejected as spam because now the recipient can distinguish forged emails from the real ones with a simple check.
No comments:
Post a Comment