We've been noticing that Gmail and a number of other companies are getting more aggressive with their SPAM filtering and we wanted to address an important topic that, while not specifically Bananatag related, effects your email and is often overlooked:

SPF records.

While that may sound really boring or super technical you'll definitely want to take a look and make sure you have them in place.

What is an SPF record?

SPF records tell receiving mail servers that the server sending the email is allowed to send for your domain.

We care because?

If someone is trying to send email and make it look like it's coming from your email address, it will fail the SPF check when the receiving mail server check with your domain to see whether the server the email is coming from is allowed to send for your domain.

We find Google Apps users are especially prone to skipping this step, since many individuals and companies sign up and get started so easily and just forget to set up any SPF records. If you receive an email without one and click the down arrow beside the Reply button, then select "Show Original" you'll likely see something like this:

Received-SPF: none (google.com: john@fakeemail.com does not designate permitted sender hosts) client-ip=***.***.***.***


Interestingly, even if you send from a Google Apps account to another Google Apps account, Gmail will check to see whether your domain allows emails to be sent by the servers sending the message (in this case, their own servers). If that record isn't there, there's a chance Gmail will put it's own email into your SPAM folder as a Phishing attempt with a message similar to the one below:

Be careful with this message it contains content that's typically used to steal personal information.

Unfortunately their errors aren't all that clear about this condition as it can happen on messages that contain no actual content. It looks like what they're actually detecting is that the mail server that sent the message hasn't been specifically allowed to send for your domain and could therefore be trying to fake your email address.

How to fix it?

Log into the website where you manage your DNS and create an SPF record for your domain that allows your mail server to send on behalf of your domain.
Instructions for Google Apps can be found here, but the process is similar for other mail servers. Your mail provider should have information about setting up an SPF record for their mail servers.

Make sure to create a TXT record as well as an SPF record, since some mail servers won't support the newer SPF records.

Finally, once you believe you're all setup, a great tool that will give you a lot of information about your DNS setup and SPF records is the DNS Report at http://www.dnsstuff.com/

Just put in your domain and it will let you know if everything is configured properly near the bottom of the report.