This is serious. This is about your email deliverability. I know from my own experience that these acronyms may sound unfamiliar, scary and may seem totally uninteresting. Or maybe they sound familiar, but you never cared enough to check what they really are.<\/p>\n
Either way, it’s time to learn a bit about what SPF,<\/span>\u00a0DKIM<\/span> and DMARC are and how to set them up in your DNS records<\/a> for your mail server, if you want to have better control over your email deliverability. I’ll also show you where in Woodpecker you can check if they are set up properly.<\/p>\n I’ll do my best to explain that in simple words, which\u00a0will be understood not only by programmers.<\/p>\n Simply speaking, Sender Policy Framework (SPF<\/span>) is a security mechanism created to prevent the bad guys from sending emails on your behalf. The mechanism is all about communication between DNS servers… and this is the point when it all starts to sound scary! But don’t panic. I’ll try to keep it as simple as possible.<\/p>\n Let’s say you’ve sent an email to Bob. But how does Bob’s DNS server know that the email was in fact sent by you? The problem is, it doesn’t really. Unless you have SPF<\/span> set on your DNS server.<\/p>\n SPF<\/span>\u00a0defines which\u00a0IP addresses can be used to send emails from your domain. So let’s imagine two possible server “conversations”. To make it all easier, let’s assume your name is Mike.<\/p>\n Mike’s\u00a0server:<\/strong> Hey, Bob’s server. I’ve got a new message from Mike.<\/em> Mike’s\u00a0server:<\/strong> Hey, Bob’s server. I’ve got a new message from Mike.<\/em> My apologies to all tech-savvy readers of this blog for this ignorant oversimplification. Please forgive us dummies, and keep in mind that we do envy you your super-analytical minds.<\/p>\n Anyway, the moral of those two short dialogues is: set your SPF<\/span>. If you don\u2019t, you risk having your email hacked<\/a> or spoofed or you may look like a bad guy, and not all your emails will be delivered.What is SPF? How does SPF work?<\/h2>\n
Scenario 1 – You don’t have SPF set up.<\/h3>\n
\nBob’s server:<\/strong> Hi Mike’s server. What’s your SPF<\/span>?<\/em>
\nMike’s\u00a0server:<\/strong> Yeah, about the SPF<\/span>… Who cares, really. I don’t have one. Trust me, it’s from Mike.<\/em>
\nBob’s server<\/strong>: If you don’t have SPF<\/span>, I can’t be sure\u00a0it was Mike\u00a0who sent this. Give me Mike’s allowed IPs, so I can compare it with yours.<\/em>
\nMike’s\u00a0server:<\/strong> I don’t have the list of Mike’s allowed IPs.<\/em>
\nBob’s server:<\/strong> Then I don’t want your message. Delivery denied. Sorry, buddy…<\/em><\/p>\nScenario 2 – You do have SPF set up.<\/h3>\n
\nBob’s server:<\/strong> Hi Mike’s server. What’s your SPF<\/span>?<\/em>
\nMike’s server:<\/strong> There you go, here’s my SPF<\/span>.\u00a0There’s a whole list of IPs that Mike himself declared as the ones which\u00a0can be used on his behalf.<\/em>
\nBob’s server:<\/strong> Ok, let me see… And the message\u00a0you have for me is sent from IP 64.233.160.19. Ok, it’s on the list. Everything looks fine. Gimme the message, I’ll show it to Bob. Thanks!<\/em><\/p>\n
\n\n