Configuring your SPF record to point to Valimail allows you to leverage our patented Instant SPF technology. Implementing this is a very important step of the onboarding process.
Through our patented Instant SPF technology, we leverage macros from the SPF spec, using the brackets below, so that when a query is done by an inbound email receiver's SMTP gateway, the SPF macro will fill in the blanks of what's needed to pass SPF authentication checks for whatever email sending platform you are using.
In SPF, a macro is just a placeholder—like a fill-in-the-blank—that gets swapped out with real information when an email is being checked. Instead of hard-coding every possible IP or domain into a record, macros allow us to tailor an SPF response based on live details from the connection, like the sender’s IP address or domain name. This makes SPF more flexible, and it’s the foundation for Instant SPF, which simplifies how complex email sending environments get authenticated.
Be sure to work with us to properly configure the Enabled Senders list in our platform, as this will govern which sending platforms will pass (or fail) SPF authentication checks when utilizing Instant SPF. The Enabled Senders list needs to appropriately reflect the email platforms that you use.
The specific macros that Valimail uses are:
%{i} - The IP address of the server that sent the email
%{h} - The EHLO name of the server that sent the email
%{d} - The Mail From domain
When an email receiver’s inbound email gateway sees any of these in an SPF record, it will recognize that it is an SPF macro, and it will receive the correct values for the respective queried item. In doing so, our response will be just for that sending service and that specific sending IP address.
So if an email comes from Microsoft 365, for example, we do not respond with your whole SPF record containing all your services, like a regular DNS host does for example. Instead, we will only respond with the specific SPF include for Microsoft 365.
This is the instant and targeted response that the SPF macro provides: the correct authentication response specific only to that service, limiting the amount of data (and DNS lookups) returned in response to that query. The macro-based Instant SPF mechanism acts as an umbrella, underneath which you can have as many sending services and IP addresses as needed to manage your organizational needs, without worrying about the 10 lookup limit of the SPF authentication protocol.