SPF Recommendations
Ashleigh Alldredge avatar
Written by Ashleigh Alldredge
Updated over a week ago

Implement a Sender Policy Framework

There are a variety of issues that could impact email delivery ranging from firewall filters to typos that result in an invalid email address. We can't prevent typos but we can make it easier for firewalls and filters to validate emails. Implementing a Sender Policy Framework (SPF) is the easiest and most efficient way to ensure your emails get past these checks. 

It's considered best practice to implement an SPF to make your domain less attractive to spammers and phishers. Spammers and phishers won't waste their time forging emails for your domain because they are more likely to get caught by the filters. It also makes it less likely that your domain will get blacklisted because spammers and phishers are using your site to send their illegitimate mail. 

What is a Sender Policy Framework (SPF) record?

SPF is an authentication specification within your TXT record, included in your DNS configuration, to prevent fraud and prevent phishing. Including SPF helps to ensure that legitimate emails are delivered. 

Major internet service providers (ISPs) and many corporate spam filters check for one or more types of authentication when determining whether or not to allow emails to be delivered to a recipient's inbox. This can prevent legitimate receipts or other messages generated on your behalf by other companies, such as GiveGab Enterprise, from being delivered by flagging them as spam. If too many emails classified as spam come through the system, they will block any subsequent emails, flag kimbia.com as potential spammers, and blacklist your domain. 

The TXT record provides information that verifies your domain ownership and security information, such as the SPF. The SPF identifies the domains authorized to send emails from your domain. By declaring these domains as legitimate email domains, the firewalls and filters will let them pass to the recipient's inbox. 

We haven't used an SPF before, why now?

Some mail systems, such as Gmail, will validate the From domain against the domain sending the email. GiveGab Enterprise receipts are sent from yourdomain.com using Kimbia.com. When the two domains do not match, the filters will consider the email suspicious and block it. Eventually, if you have too many emails that fit this category, they will completely block or blacklist all emails coming from your domain. One of the ways to prevent this is to add an SPF specification that notifies firewall filters that you approve Kimbia.com sending emails on your behalf. 

Verify SPF specifications 

When donors report that emails sent by the GiveGab Enterprise platform are not being received, verify whether your domain has an SPF that includes spf.kimbia.com

*This document is not intended to provide complete instructions on how to configure SPF. It's intended to provide the information you need to add GiveGab Enterprise to your existing SPF record. For additional information about writing SPF records, see http://www.openspf.org/SPF_Record_Syntax . For more details information regarding SPF in general, see http://www.openspf.org/Project_Overview

1). Use your favorite browser to navigate to https://mxtoolbox.com/spf.aspx
2). Enter your email domain in the field under the SuperTool heading in a name.org format.
3). Press Enter on your keyboard.

On the results page, you will see:

  • The SPF in the DNS configuration for name.org

  • A breakdown of the SPF declaration and the description of the various elements

  • The results of the specific tests run against the script noting any errors or issues. 

Verify whether spf.kimbia.com is included. 

  • If it is, then keep looking for another cause for the issue and contact GiveGab Enterprise support. 

  • If it isn't, insert spf.kimbia.com via "include:spf.kimbia.com" to your SPF specification. 

Example of a correct SPF record in mxtoolbox:

Did this answer your question?