Is SPF enough to make sure emails get delivered to inbox?

SPF can contribute depending on the way the recipient mail server has been set up. Generally I have seen it being used to weight a message as non-spam, not act as a singularly decisive factor. DKIM will also help in the same way.

Having said that, the best way of your mail being treated as legitimate is to ensure the basics are covered:

  • ensure the server is set up correctly: the server name (i.e. the name offered in the HELO/EHLO when your server delivers mail) is a valid FQDN
  • make sure the PTR record for the IP of the server is set. It should (at the very least) have a valid PTR record; ideally it should match the server hostname (although not too many providers worry about a match. Your SPF record can specify both).
  • use a valid from address when sending mail, for receiving servers that use sender verification (often [email protected] is the sender address for Apache-generated mail, but doesn't accept mail)
  • check that you aren't attempting to run a mail-generating server on a provider range that is known to cause problems (EC2 elastic IPs gave us a fair amount of hassle - a few providers had blacklisted the entire range at one point due to spam problems. Not sure if this is still the case)
  • check that your IP isn't listed on the commonly used RBLs (http://www.anti-abuse.org/multi-rbl-check/)
  • don't send spam (it's obvious, but you never know :)

You can check how a mail will be interrogated (with some handy DKIM and SPF validity checks) by sending an email to [email protected] - it will send back an automatic mail report.
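The checklist in the answer above can be expressed as a pre-flight check on a sending IP; this is an added example, not part of the original answer. It also confirms that the PTR name resolves back to the IP, which goes one step beyond the answer's PTR item, and its SPF evaluation is deliberately simplified. Assumptions: the DNS data is constructed and embedded so the code runs offline, and `rbl.example.net` in the usage is a placeholder zone, not a real blocklist.

```python
import ipaddress
import re

# Constructed DNS data (documentation IPs and names) standing in for live lookups.
SAMPLE_DNS = {
    ("PTR", "10.113.0.203.in-addr.arpa"): ["mail.example.com"],
    ("A", "mail.example.com"): ["203.0.113.10"],
    ("TXT", "example.com"): ["v=spf1 ip4:203.0.113.0/28 a:mail.example.com -all"],
}
FQDN_RE = re.compile(
    r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$", re.I)

def lookup(rtype, name, dns):
    """Return the records for (type, name); an empty list means no data."""
    return dns.get((rtype, name.rstrip(".").lower()), [])

def reverse_name(ip, zone):
    """203.0.113.10 + zone -> 10.113.0.203.<zone> (used for PTR and RBL queries)."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def spf_allows(ip, domain, dns):
    """Simplified SPF: the first matching ip4:, a:<host> or all term decides.
    include, redirect, mx, ip6 and macros are deliberately not handled."""
    addr = ipaddress.IPv4Address(ip)
    for txt in lookup("TXT", domain, dns):
        if not txt.lower().startswith("v=spf1"):
            continue
        for term in txt.split()[1:]:
            qual, mech = (term[0], term[1:]) if term[0] in "+-~?" else ("+", term)
            hit = ((mech.startswith("ip4:")
                    and addr in ipaddress.ip_network(mech[4:], strict=False))
                   or (mech.startswith("a:") and ip in lookup("A", mech[2:], dns))
                   or mech == "all")
            if hit:
                return qual == "+"
    return False

def preflight(ip, helo, mail_from_domain, rbl_zone, dns=SAMPLE_DNS):
    """Evaluate the checklist items for one sending IP."""
    ptrs = lookup("PTR", reverse_name(ip, "in-addr.arpa"), dns)
    return {
        "helo_is_fqdn": bool(FQDN_RE.match(helo)),
        "ptr_exists": bool(ptrs),
        "ptr_matches_helo": helo.lower() in (p.lower() for p in ptrs),
        "ptr_forward_confirmed": any(ip in lookup("A", p, dns) for p in ptrs),
        "spf_authorizes_ip": spf_allows(ip, mail_from_domain, dns),
        "listed_on_rbl": bool(lookup("A", reverse_name(ip, rbl_zone), dns)),
    }
```

To run it against real DNS, replace `lookup` with a resolver call; the rest of the logic only depends on it returning a list of record strings.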


No.

SPF is a mechanism for indicating which servers are allowed to send mail on your behalf. But it says nothing about whether or not YOU will be sending SPAM. And remember, it's the receiving server's decision what to do with the information it has and whether to accept your message -- they can make that decision based on any criteria they please.

Most servers take the following points into consideration:

  • The recipient's whitelist, blacklist, and/or address book
  • The content of the message
  • The "authenticity" of the message -- sender IP vs return address, MX records, SPF records, and DomainKeys factor in here
  • The "trustworthiness" of the sender's IP -- RBLs come in here, also the IP's country, ISP, and similar factors may be examined
  • The current and historical send rates of the sender's IP

That last point is one that many people don't take into consideration -- if you don't normally send much email, and then you send out a newsletter as a single "blast", your email will have a much lower delivery percentage. You're significantly better off sending out email in a constant flow with a slow ramp-up rather than sending out a single mass-mailing. When large companies need to alert their entire customer base about something (like Sony last week), it often takes days to get the message delivered to everyone.