It helps to know what error messages you are getting. You can post them on here and mask out any personal information such as full email address.
With regards to my post what part do you not understand?
To clarify what SPF is - imagine 3 people Bob Alice and Fred.
Bob normally passes any messages he has to send via Alice, so he puts the word out that only messages arriving via Alice should be treated as genuine. Thus when Fred receives a message from Alice claiming to have been sent by Bob then he accepts it as genuine.
One day a 4th person called Mark tried delivering Fred a message claiming to be from Bob, Fred checks and sees that only Alice should be delivering Bob's mail so Fred either rejects the message outright or is very careful about trusting the message.
SPF works in exactly the same way. It essentially says that messages being sent from my domain will use mail servers on specific IP addresses. While there are a number of directives in SPF, ultimately they all resolve to a valid IP address or list of IP addresses.
And then finally the address of box.timothydutton.co.uk
PS C:\Users\timdu> Resolve-DnsName box.timothydutton.co.uk
Name Type TTL Section IPAddress
---- ---- --- ------- ---------
box.timothydutton.co.uk A 806 Answer 184.108.40.206
So if I send you an email from an address ending with ravenstar68.co.uk - UNLESS the mail server that delivers the mail is on 220.127.116.11 the mail will be deemed to be suspicious.
Virgin Media have gone one step further. They won't allow a third party mail to be sent via their servers UNLESS the SPF record allows it. Take the following record
timothydutton.uk. 1800 IN TXT "v=spf1 mx include:_smtprelay.virginmedia.com -all"
Note: This was set up as I wanted to demonstrate how to send via Virgin Media's servers while using a relay server on my home PC to sign mail with DKIM. The key element here though is that I've included Virgin Media's SMTP relays in the list of servers allowed to send for my domain.
So you need to go to your domains control panel and make sure your SPF record includes _smtprelay.virginmedia.com (Note the leading underscore character).
However you might want to consider doing away with forwarding altogether. Anti spoofing techniques mean that use of Forwarding servers can end up with inbound mail being rejected or marked as spam even if it is originally from a genuine source.
At time of writing Zoho mail still allow mail hosting for a single domain with up to 25 email addresses on that domain. There are other alternatives. I currently host my own mail on an Ubuntu Virtual Private Server using Mail in a Box.
As a Very Insightful Person, I'm here to share my knowledge. I don't work for Virgin Media.
In the so called 'good old days' email sending and receiving was a bit of a wild west, the spammers and pretending that email has come from one address when it actually come from elsewhere (spoofing) has made it vastly more important that email systems take some steps to verify that the mail is genuine before delivering it or just reject it.
What's happening here is something like this
You compose an email from firstname.lastname@example.org (so far all well and good) You submit that to VMs mail server - you have a valid account so you can put in your VM account details to authenticate yourself, the VM mail server accepts the message and starts to forward it in. The message arrives at the destination email server which starts to run a few checks, what it might do is to do through the (normally invisible) header on the email and check which server it originally came from. It finds that the message originated from a VM server and starts to think to itself 'hold on this message apparently originated from a VM system (it looks only at the first server not the address of your PC etc on which the message was originally written), but the domain name is @fred.com - so why would VM be handling mail for that domain? All looks a bit dodgy so I'll bounce that message and not deliver it to the destination.'
Alternatively it might do a reverse DNS lookup and see if the message has come from the same IP address as used to send messages to fred.com - they won't match so again the message is flagged as suspicious.
Sender Policy Framework (SPF) is a very common check to see if email has originated from where it should have, and @ravenstar has explained how that works, and there are other methods which may or may not be used.
The point is the onus to do this is all on the receiving system and some are more rigid than others, which is why sometimes your mail gets through and other times it doesn't. Sometimes it works for a while to a particular recipient and suddenly stops working for no obvious reason, the reason generally is that the receiving system have tightened up their policy and starting dropping your messages.
So assuming that you have control of the DNS records for your domain, you need to start by adding a new TXT (text) record. The hostname part of the new record can be left blank, leave the TTL as the default (probably 3600) but the body of the record should read;
"v=spf1 include:_smtprelay.virginmedia.com ~all"
Watch out for the spaces, the colon and the underscore, they're all important.
It works like this
v=spf1 is just the version number but it also tell the destination system that this is an SPF record (as an aside, there used to be a specific SPF record type in DNS but it's no longer used)
include:_smtprelay.virginmedia.com (simply means if the received email should have originated from this address)
~all the ~ (tilda) character means a soft fail, basically the receiving system should accept mail from any source and decide itself what to do about it, -all is a hard fail, in other words if it hasn't originated from the system specified then definitely kill it. I can't see much advantage in the hard fail option (unless you know for a fact that your domain is being spoofed and used to send out spam) and generally just opt for the ~all at the end.
If you send out email via multiply relays then you can chain up additional names (there is a limit though so not too many), so if you also wanted to set it up so you can use Google's servers to send out mail, other than setting up the gmail accounts your SPF record would look like