Menu
Reply
  • 17.52K
  • 959
  • 7.17K
Very Insightful Person
Very Insightful Person
10,730 Views
Message 1 of 1
Flag for a moderator

Sending email using your own domain

Introduction

Email is evolving new methods to combat spoofing of email addresses.  While there used to be no checks on what email servers can be used by particular domains, that is no longer the case.

Consequently when sending using your own domain using Virgin Media's SMTP servers you need to make sure that you have the correct DNS entries in your domain for DMARC and SPF.  Failure to do so can affect whether your outbound mail is successfully delivered or not.

Residential use only

Before I go any further I will stress that Virgin Media's mail servers are meant for residential use only.  If you are a business you should either have your own mail servers, or be using a hosting plan with an email provider that is suitable for business use.

Consequently the advice I'm giving here will assume that you have your own domain which is used for personal use.

What is SPF?

SPF or sender policy framework is used to identify the outbound email server IP's that a sending domain uses.  When an outbound server connects to a mail exchanger, the mail exchanger will use the test to see if the server is authorised to send mail for that domain. 

Dependent on the settings on  the mail server and/or a domains DMARC record mail that fails the check can be filtered as spam or rejected altogether.  Therefore if you have your own domain, you MUST check your SPF record is set up correctly.

How do I check my SPF record?

There are several ways to check if your domain already has an SPF record

From the Windows command line:

  1. Type cmd into the windows search box and press enter.
  2. type in the following command 
    nslookup -type=txt <domainname>

Here's an example from my own domain

 

C:\Users\timdu>nslookup -type=txt timothydutton.co.uk
Server:  cache1.service.virginmedia.net
Address:  194.168.4.100

Non-authoritative answer:
timothydutton.co.uk     text =

        "v=spf1 mx -all"

Use mxtoolbox.com

 

Go to mxtoolbox.com and in the lookup box and enter spf:<domainname>

Alternatively just enter the domain name and click the arrow next to the Lookup button to bring up a dropdown list and choose SPF record lookup

Via Your Registrar's Control Panel

The instructions for this will vary depending on which registrar you are using.  But all boils down to the same thing.  Log in using your account and take the option to view your current DNS entries.

The SPF entry is usually listed against the bare domain,  Note depending on the provider you may see either @ or just a blank box to represent this, and should be shown as a TXT record.

For example here's namesco

smtp2go_namesco_spf_dkim_3

Here's an example of a default SPF record for a domain happyted.co.uk

 

C:\Users\timdu>nslookup -type=txt happyted.co.uk
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Non-authoritative answer:
happyted.co.uk text =

"v=spf1 include:spf.hosts.co.uk ~all"

This domain is managed by namesco and the first thing I note is that the SPF record indicates that mail for this domain should be sent via namesco's smtp servers.

 

So the owner of this domain has two options.

  1. Check with namesco (or your own provider as appropriate) to see if their current plan allows the use of those mail servers to send mail.  If it does then the easiest option is to change my outbound mail settings to use those servers.
  2. Change the SPF record to reflect the fact that they are using Virgin Media's servers to send mail for their domain.

My preferred option is option one but if you want to take option 2 the correct SPF record to use is as follows

 

v=spf1 include:_smtprelay.virginmedia.com ~all

 

What about DMARC

Additionally if you intend sending via Virgin Media's outbound servers, you MUST have a valid DMARC record for your domain.

DMARC stands for Domain Messaging Authentication Reporting and Compliance.  It is used in conjunction with SPF and/or DKIM to authenticate your mail, and provides you as the domain owner with the following.

The ability to let other mail administrators know what you want done should mail fail authentication checks.

The ability to specify a mail address where aggregate and forensic reports can be sent to should mail fail said checks.

It also checks to see if the sending address and the authors email address are aligned, that is that the domains match or the authors domain is a subdomain of the sender.  If they don't match then the DMARC check fails regardless of the SPF result.

Adding a DMARC record can be done by creating a TXT record for _dmarc.<domain name> (note the underscore at the beginning)

A basic record for initial use can be

v=DMARC1; p=none; rua=reportaddress@domain

If you don't want to receive reports you can leave out the rua

p is the preferred policy should mail fail authentication

none           - Take no action (Note this does not mean mail won't be checked to see if it's spam)
quarantine  - Hold for further processing.
reject          - Don not accept the mail

See here for more information on DMARC

https://dmarc.org/overview/

If you do not have DMARC and/or the correct SPF records set up, then the mail servers at the final destination MAY not accept your mail.

If you have any questions regarding this please start a new thread and I will try to assist.

Tim

 

As a Very Insightful Person, I'm here to share my knowledge. I don't work for Virgin Media.

Click to learn more about VIP

Use Kudos to say thanks

Mark as Helpful Answer if I've helped