Avoid spamming using anti-spamming DNS records
Most of us might have come across instances where mails from our domain are marked as spam even though it is legitimate. This article describes few settings that can be implemented in order to decrease the chances of mails originating from your domain being marked as spam.
Spamming can be prevented to a great extend by using anti-spamming DNS records such as SPF, DomainKey and reverse DNS.
Sender Policy Framework (SPF) records helps to prevent spoofing of mails by verifying the sender’s IP address. SPF record allows domain owners to specify IP address from which mails will originate, so that receivers verifying the SPF records can reject messages from unauthorized sources before receiving the body of the message.
When a mail server receives an email, it will check the DNS zone of the sender’s domain for an SPF record. If a domain publishes an SPF record, it will check if the sender’s IP address is specified in the SPF record. If this check fails, the mail will be discarded. A simple SPF record will look like:
domain.com IN TX”v=spf1 ip4:22.214.171.124 ip4:126.96.36.199 -all”
The above record specifies that email accounts under domain.com will send mails only from 188.8.131.52 or 184.108.40.206. When a mail server receives a mail from email@example.com, it will check if the mail is sent from 220.127.116.11 or 18.104.22.168. It will accept the mail only if the sender’s address is 22.214.171.124 or 126.96.36.199. For this system to work effectively, SPF checking should be enabled at the recipient’s mail server.
Domain Key :
Domain key is an email authentication system. It is used to verify the domain of the email sender and to make sure that the message is not spam.
In order to show that the email is being sent from the same domain, domainkeys insert a string of characters in the header of the mail. A protocol called DKIM (Domainkeys Identified Mail) is being developed by combining some features of Identified Internet mail, in which a digital signature will be added to the header which can be identified by the recipients.
When a mail server gets mail from your domain, it performs a reverse look up to see if the hostname of the mail server matches the IP address. If someone is trying to trick the mail server, the reverse DNS lookup will fail and the mail will be discarded.
The reverse DNS record is setup for the interface IP address of the mail server. You can request your ISP to add a RDNS record.
The above is a very rough outline on avoiding spamming using anti-spamming DNS records , if you have any questions, we would be happy to talk to you! 🙂
Bobcares provides Outsourced Web Hosting Support and Outsourced Server Management for online businesses. Our services include 24/7 server support, help desk support, live chat support and phone support.