Understanding the recent Richweb/Globalweb SPF (email) changes

Email 101 – You CANT send from: a domain unless that domain has specifically added your servers to their spf record.

For this example, we’re going to use a dummy domain and reference one of our partner sites, LogicDepot.com. This is based off an actual Richweb client situation. We’ve changed our client’s actual domain (email and web references) to clientdomain.ext to protect their privacy.

Set the “from:” address to a LogicDepot.com address and set the reply-to address to where you want replies to go.

I can see no one is logging into the DMARC account for [CLIENT]. Thats where all of these bounces would be going to.

Find out from Huy Phan (Richweb Employee) where this email box goes: dmarc@clientdomain.ext

Someone should be monitoring this inbox and correcting issues – like deleting student emails from EMS if they are bouncing.

We implemented DMARC as the [CLIENT] domain reputation was getting somewhat poor, due to sending too many emails without a DMARC policy and without having feedback loops (DMARC and SPF).

If you must have LogicDepot.com send emails on your behalf (set/fake the from: header), then Scott needs to give us the spf include for his domain email senders.

Typically this means we would change of spf from:
v=spf1 include:smtpgw.ipengines.net -all

to
v=spf1 include:smtpgw.ipengines.net include:_spf.logicdepot.com. -all

However, we would need what that include is, before we can add it.

This really isn’t ideal, however, as these emails won’t get DKIM signed.

Thus our first suggestion is the proper one. Stop sending emails from LogicDepot.com servers with the from: foo@clientdomain.ext.

They need to be:
Quote

from: donotreply@logicdepot.com
reply-to: department@clientdomain.ext
to: some.other.contact@aol.com

where department@clientdomain.ext can vary based on the campaign – it could be Tina for Scholar stuff for example.

Key Definitions:
DKIM – DomainKeys Identified Mail (http://www.dkim.org/)
DMARC – Domain-based Message Authentication, Reporting & Conformance (https://dmarc.org/)
SPF – Sender Policy Framework (https://en.wikipedia.org/wiki/Sender_Policy_Framework)