What deliverability benefits do I get from FCrDNS? How should I set up SPF records using Sparkpost?

Summary

FCrDNS improves deliverability by verifying the association between the sending IP and domain, building trust with ISPs and preventing spam flags. However, ensure hostnames are not IP-based. SPF enhances deliverability by authenticating sending servers, preventing spoofing, and ensuring legitimate emails reach the inbox. For SparkPost, configure SPF via a TXT record ('v=spf1 include:sparkpostmail.com -all'). When using dedicated IPs, list IPs directly in the SPF record instead of using 'include:', which outsources authority. Remember SPF applies only to the bounce domain, not the sending domain. Use SPF with DMARC and warm up dedicated IPs to build sending reputation. Ensure rDNS matches the HELO/EHLO statement.

Key findings

  • FCrDNS Trust: FCrDNS builds trust with ISPs by verifying the association between the sending IP and domain.
  • SPF Authentication: SPF authenticates sending servers, preventing spoofing and enhancing email deliverability.
  • SparkPost SPF Record: SparkPost requires a specific SPF record ('v=spf1 include:sparkpostmail.com -all') in the DNS settings.
  • Dedicated IPs: List dedicated IPs directly in the SPF record instead of using 'include:'.
  • SPF Scope: SPF only applies to the bounce domain.
  • DMARC partnership: Use SPF in conjuction with DMARC for better protection

Key considerations

  • Reputation Management: Regularly monitor and maintain your sender reputation, especially with dedicated IPs.
  • IP Updates: Update SPF records whenever IP addresses change for dedicated IPs.
  • Authentication Strategy: Implement a comprehensive email authentication strategy, including SPF, DKIM, and DMARC.
  • Outsourcing Risks: Evaluate the risks of using 'include:' in SPF records, as it outsources authority to a third party.

What email marketers say
13Marketer opinions

FCrDNS provides deliverability benefits by verifying that a sending IP address is associated with your domain, which builds trust with ISPs and reduces spam flagging. SPF records enhance deliverability by authenticating sending servers, preventing spoofing, and ensuring legitimate emails reach the inbox. When using SparkPost, SPF records authorize SparkPost to send emails on behalf of your domain. Best practices include proper configuration of SPF records with dedicated IPs and awareness that SPF applies to the bounce domain, not the sending domain. When using shared IPs the SPF record will be handled by the provider (i.e. Sendgrid) but on dedicated IPs it should be handled yourself.

Key opinions

  • FCrDNS Benefits: Matching FCrDNS improves deliverability by verifying the sender's IP address and associating it with their domain.
  • SPF Functionality: SPF records authenticate sending servers and prevent spoofing, enhancing deliverability by ensuring legitimate emails reach the inbox.
  • SPF Configuration with SparkPost: When using SparkPost, configure SPF records to authorize SparkPost to send emails on behalf of your domain.
  • Bounce vs Sending Domain: SPF only applies to the bounce domain and not the sending domain.

Key considerations

  • Shared vs. Dedicated IPs: With shared IPs, SPF records are usually managed by the provider; with dedicated IPs, you need to configure them yourself.
  • Monitor SPF Records: Regularly check and update your SPF record to ensure it remains accurate and includes all authorized sending sources.
  • Reverse DNS: Setting up reverse DNS properly can improve email deliverability and is crucial for building trust with ISPs.
Marketer view

Email marketer from GMass shares that you can use SPF to allow the GMass servers to send emails appearing to come from your domain. This can improve your delivery rates, as SPF records help to confirm the email is coming from who it says it is.

May 2024 - GMass
Marketer view

Marketer from Email Geeks shares that instead of using CNAME for your bounce domain (in SparkPost terminology) you can just manually add the MX record, and set the SPF to point to just your dedicated IPs. However, if anything changes on your account and you get new IPs, it will be on you to remember to update the SPF!

February 2024 - Email Geeks
Marketer view

Email marketer from ExpertSender explains that SPF is essential for email deliverability as it allows receiving servers to verify that emails from your domain are sent from authorized servers. A properly configured SPF record helps prevent email spoofing and improves your sender reputation.

October 2024 - ExpertSender
Marketer view

Email marketer from Quora shares that an SPF record is a DNS record that lists the servers that are authorized to send email from your domain. It helps prevent spammers from forging your domain in the 'From' address, improving deliverability and sender reputation.

November 2022 - Quora
Marketer view

Email marketer from SendGrid shares that SPF records enhance email deliverability by authenticating your sending server. Implementing SPF correctly ensures that mailbox providers recognize your email as legitimate, reducing the chances of it landing in the spam folder. When using shared IPs the SPF record should be handled by Sendgrid but on dedicated IPs you should handle it yourself.

July 2024 - SendGrid
Marketer view

Email marketer from StackOverflow states that SPF validates that the servers sending mail on behalf of your domain are authorized to do so. This helps prevent spoofing and phishing attacks, and ensures that legitimate emails are more likely to reach the inbox.

November 2023 - StackOverflow
Marketer view

Email marketer from EmailToolTester explains that an SPF record lists all the IP addresses and domains authorized to send emails on behalf of your company. By properly setting it up, you are essentially telling email providers such as Gmail, Yahoo, and Outlook who can send emails for you. This will help improve your email deliverability rate and avoid your emails being classified as spam.

March 2022 - EmailToolTester
Marketer view

Marketer from Email Geeks advises not to mess with the SPF record, as it could break things. He also notes that there is always a theoretical risk of others using the infrastructure to send fraudulent messages, but providers like Sparkpost have internal controls to prevent this, so there's no need to worry.

April 2021 - Email Geeks
Marketer view

Email marketer from EasyDMARC says that SPF helps in preventing unauthorized use of the domain name and prevents malicious actors from causing harm to your brand’s sender reputation, deliverability, and customer trust.

September 2021 - EasyDMARC
Marketer view

Marketer from Email Geeks shares that there is no extra deliverability benefit once you have FCrDNS set up, but to be wary of hostnames that are IP based, such as <http://111-222-333-444.example.com|111-222-333-444.example.com>.

July 2023 - Email Geeks
Marketer view

Email marketer from Mailjet explains that having a matching Forward Confirmed reverse DNS (FCrDNS) record can improve email deliverability by verifying that your sending IP address is associated with your domain. This helps to build trust with ISPs and reduces the likelihood of emails being flagged as spam.

May 2021 - Mailjet
Marketer view

Marketer from Email Geeks reminds that SPF only applies to the bounce domain and not the sending domain.

January 2022 - Email Geeks
Marketer view

Email marketer from Reddit explains that reverse DNS is important because it provides a way for receiving mail servers to verify that the IP address sending email for your domain is actually authorized to do so. This helps build trust and can improve deliverability.

January 2023 - Reddit

What the experts say
4Expert opinions

FCrDNS is important for verifying that the IP address sending email for your domain is authorized, impacting sender reputation. SPF prevents spammers from forging the 'From' address, and is part of an overall email authentication strategy that should include DMARC. For dedicated IPs, avoid using include: in SPF records and instead, list the specific IPs. Includes are outsourcing authority to a third party, so avoid using them if concerned about identity hijacking.

Key opinions

  • FCrDNS Importance: FCrDNS helps mail servers verify that the sending IP is authorized.
  • SPF Role: SPF prevents domain forging, improving deliverability.
  • Dedicated IP SPF Configuration: For dedicated IPs, list IPs directly in the SPF record instead of using 'include:'.
  • Includes Outsourcing: Using 'include:' outsources authority; avoid if concerned about identity hijacking.
  • DMARC is important: SPF should be used in conjunction with DMARC for better protection

Key considerations

  • Sender Reputation: Mismatched FCrDNS negatively impacts the email sender's reputation.
  • Overall Strategy: SPF is part of a broader email authentication strategy.
  • IP Management: Carefully manage your IPs and update the SPF record accordingly when using dedicated IPs.
  • Risk Tolerance: Assess your risk tolerance before using include statements or CNAME in your SPF records.
Expert view

Expert from Word to the Wise explains that SPF helps in preventing spammers from forging the domain in the 'From' address. Word to the Wise highlights that SPF is only a part of an overall email authentication strategy, and that for the greatest protection, implement DMARC as well. (While this site doesn't directly address SparkPost SPF setup, it emphasizes the benefits of SPF in general email authentication.)

June 2021 - Word to the Wise
Expert view

Expert from Email Geeks explains that includes: are outsourcing the responsibility / authority to a 3rd party, making sense in many cases. However, if you’re that concerned about someone else hijacking your identity (and thus your reputation) then don’t use an include or a CNAME.

October 2024 - Email Geeks
Expert view

Expert from Spam Resource explains that FCrDNS is important as it helps receiving mail servers verify that the IP address sending email for your domain is authorized. A mismatch negatively impacts the email sender's reputation. While this site doesn't directly provide instructions on setting up SPF records with SparkPost, it highlights the general importance of both FCrDNS and SPF for email deliverability.

August 2024 - Spam Resource
Expert view

Expert from Email Geeks explains that the point of SPF is not what Johan says it is. But, if you have dedicated IPs, the fix is to not use an include: in your SPF record, but instead list the IPs that you are using for that string.

April 2022 - Email Geeks

What the documentation says
6Technical articles

SPF records authorize sending servers to send emails on behalf of your domain, improving deliverability by preventing spoofing and phishing. SparkPost configuration involves creating a TXT record with 'v=spf1 include:sparkpostmail.com -all'. Dedicated IPs, reverse DNS (rDNS) pointing back to your sending domain and warming up your IPs builds trust with ISPs and prevents outgoing emails from being marked as spam, especially when rDNS matches the HELO/EHLO statement.

Key findings

  • SPF Authorization: SPF allows domain owners to authorize which mail servers can send email on their behalf.
  • SparkPost SPF Setup: Create a TXT record in DNS with 'v=spf1 include:sparkpostmail.com -all' to authorize SparkPost.
  • rDNS Verification: Reverse DNS lets mail servers verify hostnames associated with an IP address.
  • Dedicated IP Warming: Dedicated IPs can be warmed up to build sending reputation.
  • Prevent Spoofing: SPF prevents spoofing and phishing attempts by validating email origin.

Key considerations

  • rDNS Matching: Set rDNS to match the domain used to send emails and the hostname in the HELO/EHLO statement.
  • Ongoing Maintenance: Regularly monitor and update SPF records to reflect changes in sending infrastructure.
  • Dedicated IP Reputation: Build and maintain a positive sending reputation when using dedicated IPs.
Technical article

Documentation from RFC Editor (RFC 7208) specifies that SPF allows domain owners to authorize which mail servers are permitted to send email on behalf of their domain. This helps prevent spoofing and improves deliverability by providing ISPs with a way to verify the authenticity of email messages.

June 2024 - RFC Editor
Technical article

Documentation from Microsoft explains that SPF records can help prevent spoofing and phishing attempts by validating the origin of emails sent from your domain. It helps improve deliverability by ensuring that receiving mail servers can verify that the email is coming from a trusted source.

January 2023 - Microsoft
Technical article

Documentation from DigitalOcean explains that reverse DNS (rDNS) lets mail servers verify the hostnames associated with an IP address. Setting rDNS to match the domain used to send emails can prevent outgoing emails from being marked as spam. rDNS is most effective when it matches the hostname presented in the email's HELO/EHLO statement.

July 2022 - DigitalOcean
Technical article

Documentation from Google Workspace Admin Help indicates that SPF records help prevent spammers from sending messages with forged 'From' addresses at your domain. When a receiving mail server gets a message from your domain, it can check the SPF record to verify that the message was sent from a mail server authorized by you.

October 2023 - Google
Technical article

Documentation from SparkPost explains that dedicated IPs can be warmed up to build a sending reputation which provides additional deliverability benefits. They recommend setting up reverse DNS (rDNS) to point the IP address back to your sending domain, which helps build trust with ISPs.

May 2022 - SparkPost
Technical article

Documentation from SparkPost explains that SPF records authorize SparkPost to send emails on behalf of your domain, improving deliverability. To configure SPF, create a TXT record in your DNS settings with the value 'v=spf1 include:sparkpostmail.com -all'.

April 2024 - SparkPost