Hotmail Email Filtering and SPF: Email

Email Linked In RSS Feed

Hotmail Email Filtering and SPF

Category: Linux & Server Admin Tags: Email | Written on Mar 01, 2008

Changing email encoding solved many of my email sending woes, but hotmail was still refusing to accept my outgoing emails. In researching email acceptance, I found out that many people are having issues with hotmail silently refusing their emails. This has even resulted in a petition to remove Microsoft's intense spam filtering system that blocks legit emails (including mine). That aside, I did some research to find someone with a solution.

I started my search at my web host, Media Temple, and found an article on hotmail and yahoo email spam flagging issues where they recommended using a SPF record. Next, I found someone who this solved his hotmail email sending issues with this SPF record. This SPF must be the magic bullet, I thought.

What is a SPF record you say? Before I get into that, I want to give you some information that was helpful for me to understand why my email was getting dropped by hotmail.

Introduction to DNS Records

DNS records play a huge role in the, "I'm not spam" game. Let me explain the basics.

When you register a domain you have to set your name servers in your domain control panel. This usually looks like: NS1.DOMAIN.COM and NS2.DOMAIN.COM. These records would give the company who owns DOMAIN.COM rights to your DNS records. Your DNS records control everything associated with your domain and can be changed via your domain control panel. In your control panel, you will find something called A or CNAME records. These records point to your web server. In my case, my control panel shows A records as: *.domain.com, and domain.com point to the IP address of my web server.

bread and butter

Look at A or CNAME records as your bread and butter records that tell you where your server and files are.

The other basic type of record is your MX records. The MX records point to your incoming mail server(s).

Email keys

When you think of MX records, think of email.

Some registrars, like Yahoo, only allow you to edit these three basic types of DNS records: your name servers, MX records and A/CNAME records. This works in most cases (consumer and small business), but I found they will not allow you add any custom records to your DNS information such as TXT or SPF.

My original plan was to use Yahoo as my mail server, but they won't let you set this SPF record, so that means Yahoo (*erhm* Microsoft's pet) just lost my business.

So what is SPF?

The Sender Policy Framework is used to tell mail servers that your outgoing mail as legit. As far as I can tell, it is the key to unlocking hotmail to receive your outgoing emails in the midst of the spam wars. To add this SPF record, it is pretty straight forward. Your web host should know and be able to help you with this - my web host provides an article on setting up an SPF record.

Let me give you an example. I want to tell mail servers that it is okay if email originates from my dedicated web server, which has IP address 555.555.555.555. So, I would specify this by adding a record to my DNS of type TXT that looks like:

v=spf1 a mx ip4:555.555.555.555 ~all

"v=spf1" says that it is a Sender Policy Framework record. "a" and "mx" states that the records come from my original domain name. And finally the, "ip4:555.555.555.555" is what really matters - it states sending mail from the server with that IP address, 555.555.555.555 is acceptable.

You can generate your own record with the SPF Setup Wizard. You still have to know the basics of DNS though, which is why I explained them earlier.

In the end, make sure that the company you point your name servers to allows you to add a custom SPF/TXT record. It is worth the time to understand this if you plan on sending automated emails to a wide audience. You don't want your users to ditch using your application because they are waiting for an email for 10 minutes with no response.

Comments

#1. Booch http://serion.thebbs.org on Feb 19, 2008
I'm left hanging! Did adding the SPF record to the DNS do the trick? Does Hotmail now accept and show email sent? We ran into the same problem where all other email providers were accepting our email except for Hotmail. The only other workaround we found was to communicate to the user/customer to whitelist the email address we were sending from and that worked fine. Of course, this solution would be much better if it indeed does work.
#2. Marc http://marcgrabanski.com on Feb 19, 2008
Sorry to leave you hanging. What I posted is an attempt at making sense of my research on the subject. In my case, Yahoo doesn't allow adding SPF records and I'm currently using them as my mail server. I'll be switching over and adding the SPF record very soon. I follow up with you on how it goes. Note that of all the hotmail issues that I've read about, it appears that adding the SPF record has always been the solution.
#3. Marc http://marcgrabanski.com on Feb 26, 2008
UPDATE: Sending to hotmail now works! I also sent them a support request and they gave me further email advice.
#4. John G on Apr 13, 2008
Hi Marc, I have been struggling with this issue for over two weeks now. Both Yahoo and Hotmail send my emails directly to spam while Gmail and AOL work fine. I run my own SMTP server and have setup both an SPF and PTR which seem to be valid and tech support from my ISP says my DNS and SPF/PTR are fine. Is there a trick I am missing? Do I need to remove or include something in my email Header or SPF? Your help would be greatly appreciated!
#5. Marc http://marcgrabanski.com on Apr 14, 2008
Hotmail and Yahoo may blacklist any domains that are considered, "new". So maybe if your SPF records are fine, you might need to somehow make them aware that you exist. Microsoft has a dedicated site to post masters: http://postmaster.msn.com/ you can email support from there and get them to acknowledge your existence. I hope that helps.
#6. John G on Apr 14, 2008
I am in the process of doing this ... I will let your readers know the results. If anyone else has tips please post them. This is a common and frustrating problem for developers. Thanks.
#7. John G http://www.hellotree.com on May 07, 2008
Well I never could figure out a solution. So we decided to pay authsmtp for a remote SMTP relay and they seem to stay out of all the spam boxes. However for some reason just Yahoo seems to be very slow in receiving emails to the inbox... sometimes up to an hour long wait. Maybe my SPF needs tweaking? Anyway just wanted to update readers. And our site is now live... check it out at http://www.hellotree.com
#8. Marc http://marcgrabanski.com on May 09, 2008
Sorry you couldn't get things solved via sending mail from your own server. Remote SMTP is the next best thing. Interesting website, I was thinking of doing something similar dealing with family trees.. but also having the ability to list peoples' birthdays and special events that gets sent out to the entire family.
#9. Don Hammond on May 19, 2008
Marc: My daughter has had a Hotmail account for many months, and suddenly I'm getting bouncebacks alleging that there are complaints about the IP address. I'm using Eudora 6.2, and my internet provider is Comcast. Strangely enough, she sent me an email using the Hotmail account, and when I replied she received it. When I initiate an email, I get the bouncebacks. If you have any suggestions aside from visiting the Microsoft postmaster site I'd of course be grateful. thanks, Don Hammond
#10. Rafael http://rafa3l.com on Dec 08, 2008
Hello,

I sent every week a newsletter from more than one year and just yestarday the email don't arrive to hotmail.

I already create the record (I use Mediatemple too) You know how many time I must wait to get it working again? this is not inmediate?

Thanks in advance
#11. Wes Barnes on Mar 12, 2009
Marc,

Thanks for sharing your experience! It helped resolve my issue.

I also use Media Temple to host my email. I have a friend who has a hotmail account. At some point earlier this week messages to that friend started bouncing back. It was from both Media Temple domains (I own two different web sites) that own. I went in and added the following...

"v=spf1 a:mydomain.com/20 ~all"

to my DNS zone, as stated in the in Media Temple's instructions (http://kb.mediatemple.net/questions/658/HOWTO%3A+SPF+-+All+Purpose) and I was all set. Oddly, I have another friend that has a Hotmail account and I was able to send to them without issue but I suspect that could be server specific issue. Anyway, thanks again.

w
#12. Ismail http://www.miscomputer.net 3 weeks, 5 days ago
Hello Mark,

Thanks for this nice post. I have been managing several domains for about 4 years for my own business and due to deliverability issues, I had switched to another gmail address. However, as it seems skeptical for the people, I have decided to get back to my own domains and found this SPF thing 2 days ago. After some research, I could manage to run it. However, interestingly, after activating SPF record, I have started to receive spam messages from my accounts to my own account in one of my domains. That's to say, in one domain, I have 3 mail accounts, and within a day, I started to receive around 30 to 40 spam mails with the same from and to addresses. More interestingly, in the details (in gmail) it says that mailed and signed by my own domain, miscomputer.net. What could be the reason you think ? Any help will be highly appreciated.
#13. Marc Grabanski http://marcgrabanski.com 3 weeks, 5 days ago
Ismail:
Email / domain policies is that black box of wierdness that I have only begun to explore in this article. I do not have the answers for your specific situation.

Leave a Comment

Other Reading - Categories