Whether you just want to start using business email and have never used it before, or if you have been using business email for many years and need to solve nagging problems, this page is going to help with solutions and strategies for success. You may think that sending emails should be logical, easy, and make sense, the reality is often far from that. It can seem impossible to solve nagging problems as they often seem so random and nonsensical why they happen. Never fear, there are solutions to make the process far better.
If you want a quick and easy strategy that works, you can just simply do the following and should be fine.
- Do not send emails to anyone that is either not expecting them or that is not already legitimately doing business with you. There are some exceptions, but the point is sending unwanted emails does not work out well.
- Use Microsoft 365 or maybe Google Workspace as your regular email provider and something like Constant Contact or Mailchimp for bulk emails. I know that there are inevitably very experienced users that will tell me in very detailed ways how wrong this is, but for beginners, these are the best services (even though I personally despise both Microsoft and Google leadership)
- Don’t be too cheap, unrealistic, or take this lightly. Your ability to send emails to people is NOT GUARANTEED and you do have to live up to your responsibility to live by best practices for using email and not annoying the users of the services you send emails to. I know this may sound rude, but honestly stubborn people are some of the single biggest reasons for email problems there are. Don’t be stubborn. You cannot just force your way here. You must understand how to be a good email citizen or risk having your emails go to spam or get blocked.
Of course not every situation is the same. Not every solution is right for every person. There are those who are better served in ways other than what I just said in the above 3 basic rules. I know that just saying things the way I did there will immediately turn a lot of people off, but unless you understand more then those simple rules will work better than other simple alternatives. For those that need to know more, of course the more in detail reasoned approach follows.
Business Email is Very Different Than Personal Email
For those used to personal email, it seems like it should be simple, free, and always get to the intended recipient. It may boggle the mind to think that you can actually have to pay for a service that does not deliver email as well and that is a lot more of a headache than personal email. While good business email absolutely does have more tools than the free standard email we are all used to, there are a lot more challenges that free personal email users are not likely going to expect.
First off, understand that most people would never take any invoice sent from free gmail, hotmail, or yahoo address seriously unless they are very familiar with the sender. The same is not true when an email is being sent from a legitimate business email address. Email based on your own domain absolutely can carry a lot more weight of legitimacy and respect with it than any free personal email can, when being used for business purposes. Most people are far more likely to do business with a company that has their own legitimate business email than one that does not. Using a free personal email makes you look small and not established well in many people’s eyes. A lot of studies have been done and yes business email with your own domain is an essential part of having an online presence if you do much communication by email. Yes there are always people that will argue the point and say how long they have used their gmail address for and that it has always worked for them. I understand that, but lets be honest. That just is not a reliable business plan. It absolutely is something that is a workaround with a great number of problems that are deal breakers for most businesses. The only right way to go to ensure success is to have a business email.
Knowing that business email does have a far better air of legitimacy in most minds, you should be able to understand that business addresses do tend to have a harder time getting though spam filters. It is not just that more emails are often sent by business addresses. It is not just that popular email providers have their email servers configured correctly. There is absolutely an aspect to it where your own business email does have more ways you will likely be scrutinized than the personal addresses will. Because of that, it is good to take the task of getting emails to their inbox and out of spam very seriously. Yes some businesses barely use email and could almost get away with any solution. That is great if you can do that, but the people going this far down on the page very likely have situations where it is just not possible to barely if ever use email. They need to use it and it needs to work.
Types of Business Email Servers/Plans
I had just mentioned Microsoft 365 and Google Workspace business email earlier, but yes there absolutely are other ways to run business email. There are options that can certainly be better for many than the two I mentioned. Before considering any other options and what is right for you, it is best to know more about the choices. Not all plans are right for all people.
First off on the cheaper end of things is the email that can come as a part of a web hosting package. These email plans are usually run on the same server as makes your website run, but there are places that still do run separate email servers and throw in that as a part of the package to be competitive. These are usually the cheapest way to get email. One package that was sold on the domain.com/ipage related brands was about $13 per year and allowed somewhere between 100 to 200 email addresses max. That is obscenely low priced. I am not sure if you can get email for that price still. If you can, the only way would be to ask the right rep and get lucky if you are on the right brand. It is completely pointless to try though. My point is to NOT BE CHEAP! If any random person can buy even today a hosting plan on sale for about $20 to $50 on sale for the year that allows for that many emails, trust me you are not by any stretch of the imagination the only one that will find that.
You do get what you pay for. I have been in the industry for many many years. When you have such a low priced system that allows for hundreds of email addresses to be created THERE ARE PEOPLE WHO WILL USE AS MANY AS THEY CAN! Yes you do have businesses with a couple hundred employees all trying to spam as much as they can out of the plans without doing so much that they get shut down and kicked off the servers and banned by the company that runs them. You may think I am lying or just telling a one off story. I assure you that I am not. There are many places in mostly non-US areas that want things as dirt cheap as they can get them. They will hunt for the absolute lowest bottom dollar price they can find. They will then use it to the max and hound the support reps that work for the company over and dover and over and over and over again because the email is not working how they like. These people will think it is their God given right to send anything they feel like, and as “their business is being affected” by this, then it is the company’s fault.
I am not the least bit joking, venting, or blowing it out of proportion. If you have not met a psychopath or narcissist in your life, consider yourself very lucky. If you want to meet one, start working for a company that consistently offers the absolute lowest price email hosting anyone can find. I guarantee you will quickly get your fill. You need to understand while you personally will not abuse the system like they do, having them on the same servers is death for your business emails. Yes it can still work for light users but it is best to not risk that. The people that spam emails are so out of touch with reality that they will keep calling the company they are tying to spam from demanding better service. They will call it marketing, leads, quotes, offers of service, and many other things that do sound nice. At the end of the day, it is all unexpected and unwanted email from those they send to. It also has a lot of bouncebacks and gets the servers on blacklists that will affect other emails that are on the same service.
The higher tier hosting companies that cost more will not have as many horrible problems with such spammers, but they will have them. Just having a hosting plan at even a slightly higher price does absolutely cut out a lot of the riff raff that causes the problems. Trust me, there are a lot of completely oblivious people that will still be there. Yes many people do not understand that you cannot just get the right to send 750+ emails per hour from a shared email server just because you want to. While there are email limits and better management to prevent such users from causing problems, it is still an environment that is not as good as other options.
If your business is going to have website hosting on a hosting company that is more of a performance host and not a rock bottom dollar host, the email should be good enough for light to some medium use users. It is not as good as other email solutions that I will mention later, but it is good for some people. If you need 30 email addresses that are not going to be used way too much on outgoing email, then this is good. Incoming email is not much a problem on these systems typically. The bigger problem is that outgoing emails have a somewhat lower delivery rate to the inbox. Also, connecting the POP and IMAP email they offer is not going to be easy for the technically challenged users which you are likely to have if you have a number of people using the email.
A different type of email is run on a VPS, Dedicated server, or a local server. These types of servers are ones that are completely unlocked. You can do whatever you want for the most part, but that is the challenge. More power in website and email servers is NOT just more ram, a faster CPU, and more bandwidth. There are a lot of very complex technical settings and YES getting those exactly right is a very large part of the performance you will get. Throwing money at the hardware only gets you so far. If you do not manage the software and settings right, your nice hardware will just be an expensive money pit. While these types of systems absolutely can be the best way to do email for many businesses, they can be the most horrid stinking mess of a solution that is even far worse than buying the cheapest of the cheap shared email plans alongside a lot of known spammers. It can be an absolute epic disaster. So if you are reading this article, chances are you do not have the experience to run one of these servers without the risk that bad things will happen. The email industry is not logical past a certain point. Yes, if you are good with tech you can read up on advanced DNS and server settings. Yes you can learn WHM and how to reset Exim. Yes you can learn a lot of this. Problem is that there is a completely nonsensical side to the email industry that it is impossible to just get by logic, reason, and research. It just takes a bit of experience. If your project is such that hiring a very good person to run your email server makes sense to you then this is a very decent alternative. Otherwise do not ever get such a server. It is not something that will end well for most people that are not very good at tech.
The last type of regular email services I will mention here are Microsoft 365 and Google Workspace. Yes there are smaller places that are neither the shared email with hosting, nor a VPS that are decent. For the purposes of this article, I have to go based on price, performance, technology, ease of use, and such concerns as would affect novice to intermediate users. Microsoft and Google right now just are far and away better at most of those things than the rest of the industry as a whole. That is just how it is. I personally detest Microsoft, Google, Apple, and most big businesses. I have seen first hand many of the practices they have used to become so big and stay at the top. They are not nice people that are at the top of those companies. They really do not have your best interest in mind like they say they do.
If I obviously do not like either Microsoft or Google, then why am I recommending them so highly as email service providers then? It goes down to the technology, performance, availability, and ease of use for people that are not very experienced at email. When it comes down to it, the technology that makes email work across the industry (POP, IMAP, and SMTP) are very old and have not had any major upgrades in many many years. Both Google and Microsoft do have newer tech that they use. For Google users, that is limited to their own apps. If you are not using a Google website or a Google app, then they also connect through POP, IMAP, and SMTP like everyone else does. Microsoft has a protocol called Exchange. Whatever device that you connect to, it just is smoother with exchange. It is the only one of the technologies widely available that can sync emails, contacts, and calendars (IMAP can only sync emails, not contacts or calendars). Yes I know people that have worked for Microsoft who do roast the Exchange and things it could do far better, but be realistic here. The choice as of right now is not the ideal vs what we have. It is what we have vs what we have. Microsoft is the front runner and Google second in real world easy to use service that is something normal people without experience can get for themselves at most companies that can host their websites. That is just how it is. Yes problems do exist, but in far fewer numbers.
If you purchase either Microsoft or Google email, the easiest way is to get the from a reseller that happens to be providing your website hosting or website builder service. It will generally be a lot less work because they generally will set your DNS for you if you buy it from your host and not Google or Microsoft directly. If you do purchase this service from your host and not Google or Microsoft directly then DO NOT UNDER ANY CIRCUMSTANCES PAY MONTHLY! PAY FOR A FULL YEAR AND SET A CALENDAR REMINDER FOR YOURSELF TO MAKE SURE IT RENEWS ON TIME! There is a reason why I put this in big bold letters. No I am not saying this to make you part with your money a few months sooner than you would have to. With Google the problem is not so bad, but failure to pay will take down your email. It can lead the email in no mans land where no one can help and your email will just be down a while. In most cases, it drops back to Google. You just then have to pay Google and then reset your DNS with your host, because they likely will at some point automatically change your DNS settings since the product cancelled. You still can usually get all your old emails and continue the service, but with paying Google directly.
With Microsoft, if the renewal payment fails for ANY REASON, your fault or not, the product cancels. You would think this an annoying inconvenience it may take a phone call and a late payment to fix. If you catch it in time yes. If not, then it is a huge stinking mess that cannot and will not be fixed quickly. You only have a few short days, and it can very quickly get past the point where your host can fix it. What happens (and yes this happens with every single Microsoft reseller that I have ever seen) is that the reseller gets pulled from being able to manage the service, even though they would really like to sell a renewal and get their cut from that. What is worse is that when you are told to call Microsoft, they tell you that since you purchased the service from a reseller, that you have to go through them. In this case, it is NOT the fault of the reseller. Even the top technical teams at the reseller have been locked out of having access to fix this, even though the Microsoft rep will assure you that is not the case. I HAVE SEEN THIS PROBLEM OVER AND OVER AND OVER AND OVER AGAIN WITH EVERY RESELLER OF MICROSOFT EMAIL I HAVE WORKED WITH, OR HAD CLIENTS USING THEIR SERVICE. This is a problem that can ONLY be fixed either by paying on time with no excuses, even if it is the fault of the host, or by going though an ownership dispute process with Microsoft. While I have not seen the end of the ownership dispute process, I have been told a few times by Microsoft support employees that the process generally can take a month. At the end of that, you will not have ANY of the emails or information you had unless it is locally backed up.
So if Microsoft can have such an obviously severe problem that it is just not fixing, why recommend them then? Well that is simple. There is no such thing as a wonderful email plan in every way. There are ALWAYS problems. With Microsoft, just either buy it directly from them when you get it (and just deal with configuring the DNS) or just make a calendar reminder and personally check on the renewal every year (auto renew is not good enough). The other email alternatives are just a death by 1000 paper cuts. Overall, they have much more problems. They are just spread out more. Over all problems vs benefits for novice users that do not have experts to guide them every step of the way, Microsoft is still by far the best solution as of the time of this writing, even though I personally despise their leadership and think they are a truly evil company. The leadership will be changed out eventually. I truly believe there will be lawsuits and such, but the future will bring what it brings. Right now, Microsoft is the way to go, and Google is a second place for those that just prefer the interface and pretty much only use the Google apps.
The last last type of email services I will mention is not a normal email service. Bulk email providers like Constant Contact and Mail Chimp do not replace your normal email service. They are needed IN ADDITION TO your normal email service. You cannot send bulk emails from any provider safely other than a bulk provider (or a very well run server like a VPS or local server). If you try sending bulk emails from Microsoft or Google, they will shut you down and prevent you from being able to send any email until you have a good talk with them and promise not to do that. They can even kick you off of their service in some cases. So keep the bulk emails to the bulk services. For reasonable numbers of email contacts, the price is pretty reasonable. If you have a very large number of email contacts, then the price gets very very high. I understand how that is not something you want, but the industry severely dislikes bulk emails. It takes a very very good email administrator to be able to keep you from being blacklisted. Unless you have a very very skilled and experienced person helping, then just pay for a decent bulk email service if you send bulk email.
Spam Filters are a HUGE MASSIVE PROBLEM
First, understand that many many people around the planet just have no clue at all about what they should be sending others. They will believe with every fiber of their being that they should be sending out emails, and that they are quite literally God’s gift to the planet. THEIR ACTIONS DO AFFECT YOU A LOT! They will phrase their spamming attempts in very very legitimate sounding terms such as proposals, marketing, leads, quotes, offers of service, and such. There is never an end of ways of making it seem legitimate that they will use. If you have not heard the types much, they are very convincing. They will even have most reps sympathetic and truly feeling sorry that their “business is effectively shut down” when they invariably have problems.
So far the advice is just not to be on the same servers as the spammers. This is one good tactic that will help. Do understand that this is quite simply not enough. SPAM FILTERS ARE COMMONLY TRIGGERED BY THE MOST UNPREDICTABLE THINGS! Yes you can do something inadvertently and then get randomly blocked from many places. It is not just others that are at fault. How you use your own email does affect things, no matter what you have been told.
The Blacklisting problem: This is a very important section. Please take it very very seriously. When you send and email and get a bounceback, it will often tell you why with some little technical sounding code. You may even reach out to the email provider that blocked you and you may get a response if you are lucky. In a large majority of cases, the person being blocked is told that the IP of their email server is on a blacklist and they should not send out as much spam. The idea is simple. Don’t send out spam and then you can and should be treated with respect, like all the other good kids. The problem is that THIS IS ALMOST ALWAYS A BIG FAT LIE! I do not care how long you have been in the industry and if you run email servers for a living. If you do not agree with me, then you are absolutely wrong. Yes email servers should stop spam more. Yes, there are problem servers that just need to do a better job of not being email jerks. I understand that, but do know that this is NOT why a lot of these problems are caused. Some email filters will just block some IPs for spamming, but most of the time they have algorithms that take many things into account, not just one blacklist.
Frankly about three out of every four home and business IP addresses that I test can be found on some type of blacklist somewhere. When you see the same IP address able to deliver email to Google and even Microsoft for almost every single user on the server, but not one specific customer that is being told that “their whole server is on a blacklist” and “it is the fault of the server”, sorry that is not the least bit true. If the server was truly on such a blacklist and completely blocked (and yes that does happen) then NO customer on ANY account on that server would be able to send ANY EMAILS to the provider that blocked them. When one customer is the one having problems (and often it is just one email address, or even just certain emails and not all that are affected), then it is NOT THE SERVER BEING BLOCKED! The algorithms have an overall score typically and usually do not just go on IP alone. The world effectively ran out of IPv4 addresses many years ago. They have been recycled, reused, and rotated so many times that only the very few people would be able to send emails if IP blacklisting were truly the real problem most of the time. Yes it happens, but because so many IPs are blacklisted, it generally is just a part of the problem.
If you got a notice that your emails are being blocked because the IP, do know that is most likely false. You can certainly keep going back to the tech support of your email provider over and over and over again, but you are just wasting everyone’s time, including your own. While it may seem very satisfying to give them a good piece of your mind, understand this does not fix the problem. It is just something that helps to get your anger and frustration dealt with temporarily. Don’t expect them to fix it. They already have filters that block spam as well as they can. They are not actually going to resolve your situation. If you want the problem fixed, change the email provider to Microsoft or Google, or just try changing things like your email signature or attachments used.
Email filters generally use algorithms that take many factors into account. They can dislike attachments, keywords, your signature, a phone number, or maybe your website got malware that you cleaned out a few months ago. Maybe your email was compromised and sending out spam some time ago. There are so many reasons why they can block you that you may never know what did it. The bounceback is just a cop out most of the time. Yes it sounds technical. Yes that is part true. Sometimes it is very valuable information you really need to take seriously. If it just lists an IP address and says your server is spamming, then unless you run your own server, then it is not all that useful.
Ways to Fix Email Deliverability Problems
The first thing to know is that YOUR EMAIL USAGE IS MORE IMPORTANT THAN ALMOST ANY OTHER FACTOR! Of course this assumes that you are not on some very horrible server. Even on the worst shared server on any major platform, I can still get email delivered to the inbox of most major providers if I watch how I use my email well. Yes I can take the cheapest of the cheap shared email services and actually get email to people, even though that the server itself just has a very mediocre reputation. It is an overall total score and your history DOES affect things a lot! Novices often blame the server because they do not know better. Honest people will take advice and learn. Narcissist do not take advice. They do not learn well because they are not wrong ever. They just get better at blaming. Email filters do not play that game. Those that learn get their emails delivered better and have better email service. Those that do not, have a lot harder time.
The first thing is to ONLY SEND EMAILS TO THOSE WHO YOU DO BUSINESS WITH OR THAT ARE EXPECTING YOUR EMAILS! Of course, there are exceptions like potential suppliers that you may need to purchase services with. You cannot send emails to give quotes, offers of service, proposals, or ANYTHING to remotely introduce yourself of solicit business to ANYONE THAT IS NOT EXPECTING EMAIL FROM YOU THAT HAS NOT DONE BUSINESS WITH YOU ALREADY! It does not matter how much you need the business, or how sure you are that they will like it. It does not matter if you are certain that you are not like the actual real spammers and that your emails are perfectly legitimate. If you are sending unsolicited emails that have some effect of introducing your business or are even remotely soliciting business from the places you are emailing, then IT IS SPAM AND IT WILL GET YOUR DOMAIN ON LISTS far more quickly that you realize. It is NOT WORTH IT and usually violates spam laws.
People can sign up for newsletters or more information. You can get flyers or advertisements out. You can wisely use social media to drum up business. You can get people signing up from your website. You can also email people that are doing business with you if it is done in a legitimate way. Email marketing does NOT mean sending email to ANYONE that does not already have something to do with you already. If they are expecting quotes and are okay with that, it is fine. You cannot just send things out to people you have not done business with and who are not expecting your emails. They WILL be marked as spam, no matter how legitimate you think they are. Your email deliverability will SUFFER GREATLY for a long time. It will be very hard to fix. Do not do it. Yes I know that it is not fair that you can spam out as much snail mail as you want with no repercussions but email is not the same thing. Laws and spam filters do not want this type of behavior in the world we have today.
I know that you may be concerned with how I must think that everyone that sends email must be some sort of a very clueless individual. When you deal with email as much as I have, then you see that some people are logical and understand things, and others just do what they want to do and expect the world to change.
Okay, now that the do not spam others talk is out of the way, what about the other people that this does not apply to? Understand that filters are generally in place to catch spammers or people that want to spread viruses or malware. When you understand this, next think of what you do that spammers could try to copy in doing their bad deeds. What about attachments? Yes legitimate business need to send attachments. Spammers can try to look legitimate and do what you are doing, but insert a virus or malware. So yes because of that, attachments are a risk factor that in some cases can cause emails to go to spam or be blocked. It is not fair, but it is the reality that this can happen. What about invoices. Do you need to send invoices for legitimate reasons? Yes there are many legitimate reasons to send invoices, and they are absolutely a necessary part of the business world. They also are copied by a lot of spammers. So yes invoices or anything that is requesting a payment for services can raise the risk score spam filters use. Was your site hacked recently? Sites with malware of phishing are spammed out a lot. Even if your website was cleaned up and never sent out spam, that can get you on lists.
The main point of this section is that anything that can confuse an automated spam filter can get your emails not being delivered. No you usually do not have to deal with it. Usually email filters are smart enough to know the difference. When they are not, you do need to do some thinking about what you are doing that could have inadvertently set off a spam filter.
What about bulk emails? How many emails can you safely send from a shared email provider and not need to get a bulk email subscription with a bulk email provider? The answer is not always clear. If you ask their email sending limits per hour, then JUST BUY A BULK MAIL SERVICE. The sending per hour limit has to be high enough for customers that have 30 or 40 employees. That many different people all sending individual emails is NOT THE SAME THING as one person sending the same email to many people. When you send an email that is mostly the same to multiple people, but with very few changes from email to email, then this is usually looked at by most spam filters as bulk email. IT DOES NOT MATTER IF THE PEOPLE YOU ARE SENDING TO WANT THE EMAILS OR NOT, it still can trigger the spam filters if you send largely the same email to enough different people. Yes legally it is important that you send to people that expect the emails. The terms of service of the email provider you use also will be fine with most reasonable emails such as that. It does help that if the people you send to are expecting the emails that they will not be the ones to mark them as spam. The reason why it is so important to watch how many people are sent repetitive emails is because they trigger spam filters. Regular person to person emails are all wildly different in their content. Those that are not can confuse the spam filters as they do not have the same judgment as a real person would. Remember that the spam filter is just an algorithm. Is is not that smart and cannot always tell the difference. If you send emails that are mostly the same in content to more than a fairly small number of people, then it is a very good idea to think about investing in a service like Constant Contact or Mail Chimp
To Summarize everything in this section so far, your usage is what matters most, but don’t send from the cheapest of the cheap email servers. Watch your usage, and do not be too cheap to pay for the appropriate services for what tasks you need. Microsoft and Google plans are by no means a magic bullet that solves all email problems. You cannot spam from them though or they will shut you down. In general, if you do regular email through Microsoft or Google email, and do bulk emails from Constant Contact, then you will have more forgiving email. Yes you still have to not do things that will probably cause problems, but their servers are not blocked as much. Microsoft has a reputation in certain circles as being a bit of a bully. That can work in your favor, as third party email services really cannot just block their servers. Microsoft is too big for that. If any email server tries that, their own customers would throw a fit. So Microsoft is a bully in many ways. No you cannot just get a license to do whatever you want, but in general you will have far fewer problems with email deliverability.
DNS Records DO Help!
Let’s face it. Many people would rather take a trip to the dentist, rather than deal with DNS problems. No offense to dentists intended, but DNS is absolutely not what comes into mind when someone says “Let’s have fun.” Having said that, DNS records are extremely important for both sending and receiving email. When someone sends an email to you, how does their email provider know which specific server on the planet to communicate with to deliver the email to? Remember, there are over a billion computers on the planet, and the email provider has to find just the right one if they are going to get the message to you. Another question that should be answered is when you send an email message, how does the recipient know that you are actually you. Maybe I am really you and you are just a pretender. Or maybe the real you lives in Outer Mongolia, and you are just some random spoofing spammer that is pretending to be you. Well you should get the idea that for you, it is easy to tell who you are and who is not you. The same is not always easy for email servers to do. Correctly made DNS records help everyone know that the emails you send truly are from you and are legitimate, and ones that come from other people that pretend to be you are not legitimate. Let us now dig into the DNS record types that you need to get correct to make sure that your emails have the best chance to be delivered. To see more information about DNS records, what they are, and how to work with them, please see the DNS and Nameservers page of this site.
MX Record: This record is what tells where to deliver your email to. Your email provider gives these records to you. All you have to do is to copy and paste it correctly in the right spot. Again look at the DNS page of this account for more information. An example of a Google Workspace MX record is Host: @ Value: ASPMX.L.GOOGLE.COM Priority 1. (You do not copy the words host, value, or Priority). Usually you do not have to worry about what the host record is on an MX record. You just have the value they want you to put in the correct place and the priority. Sometimes a TTL will be given, but that is not all that important for the purpose of making it work right. Google has 5 MX records, and they all are just copy/paste from the article. They are the same for all users. An example of a Microsoft 365 MX record is domain-tld.mail.protection.outlook.com (the host is always the same and the priority for this is typically either 1 or 0). A Microsoft MX record is not the same as for other Microsoft customers. It is a different value for every single account they have. It usually follows a pattern, but can be different. See your email provider or my DNS page for more information. You should get the point. Whatever your email provider, just paste it into the right place, and that should be good enough.
SPF Record: An SPF record technically means Sender Policy Framework. It is ALWAYS entered as a TXT record. In plain English, it is the record that tells which email servers legitimately are allowed to be sending email on your behalf. For example, if your email provider is Microsoft, and you also sign up for Mail Chimp, then the SPF record needs to list both of those providers. If you use Google Workspace and also have an invoicing system that send emails from their own server, then you do need to include both in the SPF record. The problem with this record and why so many people get it wrong is because it has to be adjusted to fit all of the different email providers you have. Many who are not familiar with DNS records (and a lot who are) just copy and paste what they are given. This is not enough for the SPF record. You need to know how to adjust it to make sure your domain is following the best practices that can help your email delivered with the highest possible delivery rate. I will give a sample record and then break it down so you can see how it works so you can adjust your SPF record as you need.
Please refer to the site open-spf.org for a more complete list of required syntax. That can also help as you go over the following examples.
Sample SPF Record: v=spf1 include:spf.protection.outlook.com -all
That is an example of the SPF record that Microsoft uses for Microsoft 365 email. Google uses v=spf1 include:_spf.google.com ~all for theirs. Let us break them down to see what it all means.
Opening Statement: v=spf1 is the opening statement. Since the SPF record is put in as a TXT record, this tells servers what the record is. So is this an SPF record or a TXT record? Well, both. After the original DNS record types were made, others were created, and then fit in where best they could. Since it had to be fit in somewhere, the TXT record was the best place for it. (The TXT record was made in 1993 and SPF records were introduced 10 years later in 2003). For all spf records that you are likely going to use, you can just start them out with the opening statement v=spf1
Closing Statement: At the end of each example given, you can see the word all. There are three variations of the closing statement that you should encounter in most cases. ?all, ~all, and -all. This is important that you know what they do, so do pay attention to this part. This closing statement tells others how strict that you want to be. The ?all ending is the most loose of the three. It means that for the most part emails sent from the providers listed are legitimate, but accept all others you may get as well. The ~all ending means that you want other email providers to for the most part just accept emails from the providers you list, but if they have email from another source then look very carefully at that. The -all ending means that you are telling email providers to ONLY accept emails from the providers you specifically list, and they should reject all others.
?all is just too loose. It is so loose that it makes the whole SPF record maybe not worthless, but almost. Since it tells people to just accept all email then it can lead to you being spoofed more easily. This ending SHOULD NOT be used. If your email sending is not in line with your DNS records, then it is better to just fix the records than to be sloppy and just tell them to accept anything. This ending is used by a lot of people who cannot or will not get the SPF record accurate enough and do not want to risk their own legitimate emails being blocked. I understand the difficulty in accounting for every variable, but it is best not to use this ending.
~all is the most appropriate ending for most users. It gives the direction to primarily allow that the email services listed should be the only ones you are actually using, but it does allow for very carefully examined emails from others not listed to be delivered at the email provider’s best discretion.
-all is the most strict of the three endings. For those who are actively being spoofed, this is the ending to use. This means you are telling email providers across the planet to always reject any emails from servers not specifically listed. If you use this ending, you need to make sure that you correctly list any email providers you are sending emails from, or they will likely be rejected. It can be more difficult using this ending, but if you configure it properly, it has the best protection against spoofing.
The includes you saw are just some things in the middle section of the SPF record. In most cases, you just get the value from your email provider and then put the correct part in the middle. Let us take an example of this in action:
Hypothetical example 1: If you were given v=spf1 include:spf.protection.outlook.com -all by your email provider for your SPF record and you were then given v=spf1 include:spf.constantcontact.com ?all from your bulk email provider, what would be correct?
Incorrect solution: Some just put both v=spf1 include:spf.protection.outlook.com -all and also v=spf1 include:spf.constantcontact.com ?all as a completely different TXT record. While putting two different SPF records is better than nothing, it still is preferred to just make one out of the two.
Correct solution: v=spf1 include:spf.protection.outlook.com include:spf.constantcontact.com -all would be preferred. The reason why is that in the one SPF record, it sets how strict it should be with the all statement, and multiple entries are supposed to go in the middle. If you listed this like the incorrect example, you would have both the statement that Microsoft is the only provider and no one should accept anything else, and you would also have a completely different statement saying that constant contact is the only provider but go ahead and accept mail from anyone else. See they do conflict when you put two. Making them into one record sets one policy and lists all providers in one spot. That is the way to go.
Hypothetical example 2: You have a website that sends emails, your main email provider, and a bulk email provider. The spf records you are given by each party are as follows: v=spf1 a mx include:spf.websitewelcome.com ~all v=spf1 include:_spf.google.com ~all and include:server.mcsv.net. It would be incorrect to list all three separately. First off, the last record is just the include and does not have the opening and closing parts. It would not be complete on its own. It is ideal to combine them.
Correct Solution: v=spf1 a include:spf.websitewelcome.com include:_spf.websitewelcome.com include:server.mcsv.net ~all is the correct solution. You can see that we have one opening, one closing, and everything else (minus the mx term) went in the middle. The reason for omitting the mx statement is because that is a one size fit all record that would not apply to the way this example is using email. The A term means that anything coming from the IP their website runs on is okay. In this specific case, include:spf.websitewelcome.com refers to the outbound spam filter for the host. You would not know that for sure, but you can make a good guess based on context and knowing how providers typically work. In this case, your best guess is a lot better than what the rep working for the hosting company may likely know (though some absolutely do or could find out). The other two includes are from the email and the bulk email providers.
The takeaway here is to know the general rules on building an SPF record. It is not as hard as it may look. Just remember you can put the opening and closing, and you just get the other parts from the help articles or knowledgebase articles from the different service providers you use. Remember, all the examples that I use ARE JUST EXAMPLES. DO NOT USE THEM ON YOUR DOMAIN! Use the equivalent information you get from your own providers.
DKIM Record: The dkim record is a domain key that helps legitimize the emails that you send. This will be a very odd and confusing looking record. Remember there is a Host name field and the content field. To get this record, you just ask the email provider. You can paste this in the TXT records or the CNAME records of the DNS area that applies to you. Do note that some providers specify that this has to be a TXT and others give a cname. You cannot just pick. You have to enter the dkim in the record type that they specify and cannot just put it in the other record type. I am not going to give an example of the long part of the record as it is just too long and odd. It looks confusing, but that is simple. You just copy/paste and make sure that nothing got cut off. As for the beginning of the dkim record, it needs to be formatted correctly.
The host name part with either look like
Either way, both are the same. If you remember, the host name in different businesses is formatted differently. No matter how it is entered, it means that the value the rest of the internet will see is something.domainkey.eynfaw.com (if this were for the domain eynfaw.com as an example). On the DNS portal that you use to enter the record, you may have to just enter the something.domainkey part or you may have to enter the whole value including your domain. If you want to test it, you would have to enter the whole long version in a dig.
Please remember that the host name is not actually something.domainkey. It will be slightly different. It may be default.domainkey or something as determined by your email provider. You can have different dkim records for each provider if you have a regular email provider and also a bulk email provider for example.
DMARC Record: A dmarc record sets the policy for your domain as to what other servers should do with emails sent from your domain (that includes ones that pretend to be from your domain). It also gives an email that reports can be sent to. Not everyone sets a dmarc record. If you do, you cannot expect that a provider can get you this. You will have to generate it yourself. As the topic is covered elsewhere, if you want to know more it can be a good idea. You can read up more at MXToolbox.com or just by searching for other related websites. It is complex enough where novices may want to just not do it, and intermediate level users can make sense of the other articles that exist already on the subject.
PTR Record: The PTR is overkill for most smaller businesses. It is a reverse DNS record that can show the domain that a specific IP address is associated with. The reason why I say that it is overkill is because most email providers within the technical capabilities of novice and intermediate business email customers cannot set a ptr record. Neither Microsoft nor Google is going to set one, and for that matter nether are any email providers on standard shared business email servers. If you are sending emails to a place that requires a PTR record, just don’t bother sending to them. Find a workaround like sending from a free personal email, or something like that. The reason why I say that is because you need to run at least a VPS level server or better AND also have a very very good technician locally that can help you configure and run that. While running your own server sounds like it may be a good idea, it is not. Yes it can get email better and cheaper for some intermediate and larger businesses, but that is not you. It is either among the best servers to have or the very worst. There are 1000 ways to have disasters happen. It can be the most epic failure that it has ever been your misfortune to have.
If you are told to get a PTR record in order to send to a specific provider, either they just don’t like your email provider much and are giving one last workaround that can help make the difference, or they are just so picky that it is best not to bother with them. Almost no one has an absolute requirement for having this record type. Microsoft is the leader in the email industry for performance, price, and accessibility for most small and medium businesses, and they do not use this record as of the time of this writing. They can get emails delivered successfully to some of the toughest providers, so this is not a record I would bother to get. Too much can go wrong and almost no one would have that as a strict have to have requirement. You may possibly be able to find a smaller business email specialist company that is capable of getting this, but there are trade offs even if you do manage to find a place that claims to be capable of this. Just ignore the PTR. It is not worth trying to get as too many bad things can happen if you try.
Apple Computers and Devices
Normally, I do not put an entire heading on a page dedicated to just one brand, but Apple and Email does need a section devoted to them. No one likes he said she said, and we really do not need to get in to the whole Windows vs Apple or Android vs Apple discussion. No minds will be changed and you will just disagree with me anyway. Having said that, Apple has some problems that need addressing.
First when connecting any Apple product to an email service, they like all devices can have some problems here and there. Unlike all other devices, they account for the very very large majority of calls to any email support help line in the industry that I know about. While I know that everyone is adamant that it is not their phone or computer and that Apple support confirmed that it is a problem with the email provider, you need to understand that email providers hear this all day long, every day, every year. It is a constant non stop mess of calls that primarily are just from owners of Apple devices. Yes they do certainly get calls for help with Android or Outlook, but for a fact the vast majority are Apple related. I know that Apple products are popular, but they do not outnumber both Android and Windows devices by any stretch of the imagination. In terms of numbers of devices that are using email, they are a minority but a decent sized one (when you account for all types of computers, phones, tablets, CRMs and any other device that connects to email. They are the absolute majority by far in terms of calls for email help, and that is not up for discussion. It is just what happens. I have been in the industry for a very long time and seen a lot of places. They just have quirks.
I know, I know that by now a number of “very experienced” users are screaming at the screen telling just how easy it is to setup their device and how wrong I am. Okay, I get it, but the fact remains, if you use Apply, understand that there may be quirks and it is best to take a little extra time to learn to deal with them. Do not blame your service provider for Apple problems, even if Apple tells you that it is the fault of your email provider.
The first type of problem is random connection problems. Somewhat regularly, Apple devices disconnect from email for whatever reason. It is often updates that trigger this. The solution is to get the connection settings from your email provider and get used to knowing where to put them. Get used to doing a little extra work to find how to do this. If you use POP/IMAP, then honestly it is something you could have avoided had you purchased a more expensive email. Microsoft connects with Exchange. While that can have quirks, it is usually automatic and has far fewer problems with Apple devices than Pop/Imap. If you use Google, then on phones and tablets, there is a Google app you can use. If you do not want to go the exchange route or the Google route, then do note that your decision to save money is understandable, but does come at the price that the settings are not automatic.
I fully understand that if you pay a lot for email service that you expect for it to work. I get that. I am not trying to upset you or just pick a fight with random people that I do not know on the internet. I am just being real hear about the industry and the challenges/expectations that are appropriate.
Understand that email and hosting service providers number one call driver is typically always Apple device owners having problems connecting, and that is followed by Pop/Imap email deliverability problems across all devices. Understand that the very reasons why the callers are calling in the first place is because the customer is too cheap to get the Microsoft of Google email. Device connections can be automatic on both services, depending on how you do that, and they have fewer email deliverability problems. When they get you to upgrade to Google email or Microsoft email they may or may not make much money off the sale, but they save tons of money from paying call and chat employees. It is not a small thing. In the industry, email connection problems and delivery problems cost their support centers loads of money and time that almost all is prevented when they have you upgrade.
So do choose the service you feel you need. You may use the email that comes with hosting. I do. But if you do, understand that you have to work around the problems yourself for the most part. Know what you are getting and the challenge, and if you are okay with that, then great.
BLACKLIST PROBLEMS: The other very important problem that Apple computers have is that they get your entire IP address blacklisted from email providers. Again, don’t try to fight me on this one, because I personally have worked with the logs that prove it and they show hundreds of attempts from mostly Apple devices. For whatever reason, Apple devices commonly try to connect over and over and over again in rapid succession when there is a problem with authentication. No I am not an Apple device expert. I just know the devices are doing this a lot because I am the one that looks at the blacklists and sees what is doing what.
Normally if an email program (such as Outlook or Apple mail) has incorrect login credentials, they should ideally try one or two times then stop trying. The problem is that for whatever reason, routinely you will get Apple devices trying a hundred or more times in a row. You can see them try to login three different times within the space of just one second. The reason why this is bad is because servers need to block IP addresses that fail more than a certain number of times. If they do not, they open themselves up to an attack type called a “Brute Force Attack.” If devices are allowed to try over and over again without limit, hackers would run programs that literally try every possible combination until they get in. They would just do that with IP after IP until something works.
So do note that if you are having a lot of problems from everything within your house or business being able to connect, you may have an IP that your provider blacklisted. If that is the case, they may or may not be able to get down to why or which device is at fault. They may even suggest that you have been hacked. That is a distinct possibility. It is also a possibility that you just need to turn off the Apple device that is doing that, get them to take you off the blacklist and then fix the device before it blacklists you again.
That is pretty much it for email. It is a crazy and unpredictable industry, but watch how you send messages and use quality providers, and typically you will be fine. Do not use a personal email for business purposes except as a temporary workaround. As much trouble as it may seem, it is absolutely best to just get reliable business email. You can contact me if you need help. Just do not expect me to make the industry something other than what it is. I do not want to offend anyone, or cause long distance fights, but it is better to be blunt in such articles. You may agree or disagree, but it gets you thinking. Once you get thinking, then you learn about how you want to do things in a way that is better than if you did not think about it. Feel free to schedule a consultation with me if you need help understanding this odd area. I cannot fix the fact that Apple devices or quirky. I cannot fix every problem. No one person can. I can give a realistic expectation of the industry and help you implement long term solutions that can fix most pain points.