Let’s say you have a very popular store. Your customers love receiving coupons and communications from you by email. Then a spammer sees your email address as a great opportunity to take someone’s personal information. They send an email claiming to be you, requesting updated credit card information from your customers. Now your customers are calling in, upset that their information was compromised, and they think it’s your fault. Once word gets out, no one feels confident opening your email communications. How are they to know it’s really you?
It really doesn’t seem fair, does it? You didn’t mean for this to happen. Now you are seeing fewer people opening & clicking your communications - your brand is compromised.
Why are these spammers able to do this? Well, when email was created to make communication easier on the Internet they unfortunately didn’t include rules to stop people from pretending to be someone else. Luckily for us, SPF (Sender Policy Framework) has come along to put a stop to their shenanigans!
SPF is an authentication method that you can implement in your DNS. You list out the IPs that are allowed to send email on your company’s behalf. When an email is sent to a recipient from one of those approved IPs, the mail server receiving the message sees that it’s from a legitimate sender and continues on with the rest of their scanning. However, if an email is sent from an IP that is not listed in your SPF record, someone who is not authorized to send on your domain’s behalf, then the receiver can reject it. Your customer doesn’t receive it. Your reputation and brand stays intact. SPF saves the day - and your brand!
Learn more about SPF, DKIM & DMARC here.
SPF: What’s It All About and Why Should I Care?
Posted on May 6, 2014