Sender Policy Framework Records

An SPF record is a part of a DNS record that essentially allows the domain owner to authorize certain hosts to send mail claiming to be from their domain. This is a great way to prevent or discourage unauthorized senders from sending mail claiming to be from your domain.

XMission respects the SPF records of other domains. If a domains SPF policy says to reject, we reject. If it evaluates as a "soft fail" (not authorized, but the domain owner doesn't want an outright rejection), we give it a higher score in SpamAssassin. We also allow the creation of SPF records for DNS records that we host.

If your mail is getting a reject code from us of XM-RJCT16, this means there is something wrong with your SPF record. Usually it means that you don't have your correct mail server listed as "allowed" in your SPF record, but have a policy of -all (deny all hosts).

Please note that forwarding mail from one account to another breaks SPF. If you are an XMission customer and you are forwarding mail from another account to your XMission account, please contact our technical support for assistance.

Creating an SPF Record

There is a great utility to help you create your own SPF record at openspf.org, The SPF Setup Wizard. For more SPF customization options, they also have detailed information on SPF record syntax here.

Once you've formulated the SPF record you want, just add it to your DNS record. Once it propagates, mail servers such as ours that respect SPF records will begin allowing/rejecting mail based on the information in your record. If your DNS is hosted with XMission, just call our technical support and we can add the SPF record to your domain.