In our household we mostly use Ionos (formerly 1&1) for forwarding our email correspondence. While I personally had little to no issues so far with dropped emails due to spam filters of Google, Microsoft, etc., other members of the household were not so lucky recently. The main problem of emails erroneously dropped by spam filters is that there is no way of knowing that this has happened until people tell you that they haven’t received an email. Since I’m not affected, I was wondering why it happened to other family members recently more than once, and what could potentially be done about it.
Perhaps the reason for some emails being dropped was the number of simultaneous recipients and perhaps the links that were part of the message, two traits that are probably typical of the average spam email. But there is no way of really knowing, as those filters seem to breath and react differently on a daily basis. As the situation was getting a bit critical with more and more messages dumped, one idea mentioned by members of the household was to open a Gmail account to send messages. Well, not quite what I’d like to do.
So I had a look around to see if there are other options. It turned out that the big email providers suggest to add an SPF record to the DNS entry of the domain from which emails are sent. SPF stands for Sender Policy Framework, and an SPF record basically announces the IP addresses of the SMTP servers that are allowed to send emails for the domain. The practical implementation has a few more bells and whistles, see Wikipedia for details. Also, it turned out that IONOS provides a standard SPF record that can be added as a TXT entry into the DNS settings. There’s even an automated option on their DNS configuration page. That’s nice, but the average user will never find their way there. This makes me wonder why the SPF record was not set by default!?
As can be seen in the screenshot above, Ionos recommends not to use IP addresses but instead use a domain name pointer to another DNS record for the actual IP address list of their SMTP servers. Makes sense, as this enables them to add/change/delete SMTP servers when necessary. So here’s how the indirect SPF list looks like:
$ dig txt _spf-eu.ionos.com
[...]
;; QUESTION SECTION:
;_spf-eu.ionos.com. IN TXT
;; ANSWER SECTION:
_spf-eu.ionos.com. 9565 IN TXT "v=spf1 ip4:212.227.126.128/25 ip4:82.165.159.0/26 ip4:212.227.15.0/25 ip4:212.227.17.0/27 ip4:217.72.192.64/26 ?all"
In the weeks after setting the SPF record, I haven’t heard any more complaints about dropped messages, so I’m hopeful that this has actually fixed the problem.