I'm sending weekly emails to subscribers and it turns out that messages are frequently going to the spam folder for users.
I'm utilizing Amazon SES to send these messages and have added an SPF record according to their instructions: http://docs.amazonwebservices.com/ses/latest/DeveloperGuide/SPFSenderIDDKIM.html?r=3917
In querying the SPF records for my domain I get the following back from http://www.kitterman.com/spf/validate.html:
SPF record lookup and validation for: mydomain.tld SPF records are primarily published in DNS as TXT records. The TXT records found for your domain are: SPF records should also be published in DNS as type SPF records. Type SPF records found for the domain are: Checking to see if there is a valid SPF record. Found v=spf1 record for mydomain.tld: v=spf1 include:amazonses.com ?all evaluating... Results - record processed without error. The result of the test (this should be the default result of your record) was, none . The explanation returned was,
For my CloudFlare DNS records I have:
SPF mydomain.tld v=spf1 include:amazonses.com ?all with automatic TTL TXT mydomain.tld spf2.0/pra include:amazonses.com ?all with automatic TTL
The emails are being sent from "[email protected]" and "[email protected]".
Some users have reported seeing the following message: "Messages that falsely appear to be a "bounced message" response (a system-generated email that you might automatically get after sending a message that can't be delivered such as a message sent to an invalid email address)"
With my current sending solution I can't add a DKIM to the emails.
How can this be resolved so as to ameliorate any kind of receipt issues for our users?
If you're not sure what these services are, review Identify all email senders for your organization, in Before you set up SPF. Your SPF record should include a reference to Google Workspace, and to the domains and IP addresses of all servers or services that send mail for your domain.
For SPF authentication to pass, all these conditions must be met: you have exactly 1 SPF record on your domain; the record's syntax is correct; the total number of DNS lookups can't exceed 10.
There are no valid TXT
records for your domain (notice that the test doesn't return any, see below for a working example), which is caused by missing quotes around those TXT
records you defined, as explained e.g. in Record Types Supported:
Unlike with most other record types, for TXT records the Data field is essentially free-form and may even include spaces. Please note: When entering a string that includes spaces, such as SPF records, you must enclose the string in double quotes; otherwise, individual words will be separately quoted and break up the record into multiple parts.
Here are the TXT
records we currently use successfully for Amazon SES as per Authenticating Your Email Address and (it's indeed unfortunate that their documentation doesn't address the quoting needs):
"v=spf1 include:amazonses.com ~all" "spf2.0/pra include:amazonses.com ~all"
Accordingly, here is our domain's abbreviated result for the test you have been running:
SPF record lookup and validation for: [...] SPF records are primarily published in DNS as TXT records. The TXT records found for your domain are: spf2.0/pra include:amazonses.com ~all v=spf1 include:amazonses.com ~all [...] Checking to see if there is a valid SPF record. Found v=spf1 record for services.marescom.net: v=spf1 include:amazonses.com ~all
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With