0

Hello I own a website which uses 2 different ways to sent emails to users:

-gmail configured like support@example.com -amazon SES

The problem is that the emails sent with SES goes allways into spam! my SPF record looks like: "v=spf1 include:amazonses.com include:_spf.google.com ~all" my TXT record looks like: "v=spf1 include:amazonses.com include:_spf.google.com ~all"

I have just changed this records as above, should I need to wait 48 hours or something similar?

Are this correct settings? if yes what could be the reason of my problem?

Luca Pennisi
  • 631
  • 2
  • 10
  • 14
  • SPF record mechanisms are denoted with a hyphen character ("-"), not a tilde character ("~"). You should change "~all" to "-all". This may not be the cause of your issue though. Additionally, DNS changes may not take effect until the "TTL" of your DNS record has expired. Take a look in your DNS configuration for this. – pattermeister Oct 05 '13 at 20:29
  • I'm sure you mean Google Apps instead of gmail and in that case, your answer is here: http://stackoverflow.com/questions/18941673/what-is-the-correct-spf-record-for-using-both-amazon-ses-and-google-apps – Christiaan Westerbeek Apr 29 '14 at 06:37
  • 1
    Nowadays you should not use both SPF and TXT, but only TXT containing the SPF record. See http://tools.ietf.org/html/rfc7208#section-14.1 – Ján Sáreník Jun 03 '15 at 12:11

2 Answers2

0

The first comment is actually not entirely correct!

Mechanisms can be prefixed with one of four qualifiers:

"+"  Pass
"-"  Fail
"~"  SoftFail
"?"  Neutral

SoftFail is usually the better choice than Fail because SPF has some flaws and a Fail could prevent some forwarded emails to not arrive at all instead of being flagged as possible spam. (I have experience with those problems since I have worked for several email providers)

Make sure to test your SPF records. You can use this website to test them: http://spf.myisp.ch

B. Martin
  • 1,047
  • 12
  • 18
0

First, as others noted, you are using SoftFail ~all. From openspf.org Record Syntax:

SoftFail: The SPF record has designated the host as NOT being allowed to send but is in transition

Intended action: accept but mark

You should use HardFail -all if you want the emails to be rejected when sent from an unauthorized server.

SPF protection is used to prevent spoofing. It's there to define the servers that are authorized to send emails for a certain domain. Generally, if the spf fail, the email will just be rejected and will not get into the spams.

There's a lot of possible reasons an email is getting into the spams, but it's generally because your email has been flagged as spam by a content analysis tool like SpamAssassin. You should contact whoever is managing the email filtering and ask them why exactly your email got in the spams.

Community
  • 1
  • 1
Simon
  • 774
  • 4
  • 21