Sender Policy Framework (SPF) is a system that prevents unauthorized servers from sending emails on behalf of a domain. This system verifies if the server follows the policies determined by the administrator of that domain. This configuration is essential to avoid deliverability issues for transactional emails.
If you are trying to improve the deliverability rate of transactional emails in your store, consider setting up DKIM as well.
Understanding syntax
For syntax details, we recommend that you read the documentation Sender Policy Framework SPF Record Syntax.
In the DNS manager, the SPF will be a TXT entry in the domain root (ex.: site.com) with the following format:
site.com. IN TXT “v=spf1 a mx ip4:192.0.2.32/27 include:provedor.com ~all”
We can divide the policy above into the following sections:
- v=spf1: required prefix.
- a mx ip4:192.0.2.32/27 include:provedor.com: authorized senders.
- ~all: condition for including or excluding senders except the ones previously declared.
When applied for authorized senders, the above rules mean a server can send messages on behalf of the given domain (site.com) if:
- a: its IP address is found in the domain's type A entry.
- mx: it is designated as the domain’s MX record.
- ip4: it belongs to the- 192.0.2.32/27IP address block.
- include: it satisfies the SPF rules in the referenced domain (provider.com).
The inclusion or exclusion condition can have the following values:
- +all: any sender will be authorized.
- -all: any sender (except the declared ones) will be rejected.
- ~all: another verification step will be required to reject unauthorized senders. (Recommended)
- ?all: the verification of unauthorized senders will be disregarded.
We recommend using ~all, which has a better deliverability rate. If there is an unauthorized sender, this option does not stop the sending of the email, but informs that the SPF validation failed.
SPF in the VTEX context
VTEX uses the include:amazonses.com SPF. This is Amazon's transactional email sending service, used in the default sender (VTEX type) of Message Center.
See our article Setting up the SPF for more details.