SPF Setup

We recommend the use of SPF (Sender Policy Framework) for authorisation of Email2SMS email addresses.

This is far superior to an older mechanism based on white-listing IP Addresses, which has been made obsolete by the popularity of web-based email systems such as GMail and Office365 -- it's simply not possible to maintain an accurate list of IP addresses for these services.

A valid SPF policy is a DNS TXT record in a specific format, for example:

"v=spf1 mx a a:mx1.example.com a:awssmtp01-syd.example.com a:awssmtp02-syd.example.com include: spf.protection.outlook.com include spf.google.com -all"

To use SPF instead of IP Authentication for your Domain-based authentication follow these steps:

  1. Login as an Administrator
  2. Visit the Email2SMS page under 'Company Settings' (click here)

  1. Click 'Create Email2SMS Security', and define:

    • 'Emails Sent From' as 'Domains'
    • 'Security Type' as 'Via SPF'
  2. Click 'Create Domain', and enter the name of your domain. eg: example.com. Click 'Save'.

  1. Note the verification token provided. It will be something like 9e9e65dc2aeceb9bf16694b201961269.
  2. Within your Email Provider's Administration Interface create a TXT record containing the value shown when you clicked 'Save'. (More details below in 'How to verify a domain via DNS').

Now that we have defined the email domain, and proved that we control it, select the new domain and choose the 'Allocate to User' menu option, and select the Messenger user that emails from the domain will be sent via.

Example: Allow specific email addresses to use Email2SMS

  1. Configure 'Emails Sent From' to 'Email Addresses'
  2. Set the 'Security Type' appropriately for the email system sending the message. We strongly recommend 'Via SPF'.
  3. Click 'Create Email' and select an email address to allow, and the Messenger user to be used for SMS delivery.

How to verify a domain via DNS

When allowing access via domain, once you have added a domain for use in sending you will need to verify it through a TXT record. This is done as follows:

  • Log in to your domain provider's administration interface.
  • Open the DNS settings page.
  • Locate the domain settings for the domain you entered (e.g. example.com)
  • Set the TXT records value to the value given when adding your domain
  • Optional: Change the TTL of your DNS record. This will allow updates to be propagated faster.

Why should I verify domain ownership?

Verifying control of the email domain is a way to ensure only your organisation can use your domain for email2sms.

To assist you, each time a new server (IP address) is used an email is sent to the Company Admin (only one email is sent per IP address). The address and the sender details are also logged and displayed in the Log section of the security page.

If you have any questions about IP addresses, mail servers or how to prevent email 'spoofing' and other fraudulent activities, contact your IT helpdesk.