Outlook Icons

Microsoft is expanding is Outlook email branding to the web, with plans to replace Hotmail with According to Microsoft’s blog post it’s a complete rework of email, rather than just a rebranding. I rarely use it but I do have a Hotmail (actually account so I took a look.  I like the new look. Others have said it’s metro-like, I’ll take their word for it since I’ve only seen pictures. Like GMail, there’s adds but they’re unobtrusive on the right, all text so far. also allows up to 5 aliases so I claimed a few that I use for other email. It was also a nice touch that when the aliases were created I was given the option to create a folder for those emails and create a rule to put them there upon receipt. Also, I could use either the new or the old or in the addresses. I could then change the default email for the account to the address. doesn’t support IMAP but I was able to set up the account on my iPhone using Exchange Active Sync. I used the Hotmail server and account info but I see the folders I created on and could as my sending & reply addresses. So it appears to work, at least until the band-aids come loose.

I’m firmly entrenched in GMail so it wouldn’t be easy for me to leave, although Microsoft does highlight configuring your mailbox to pull email from other services such as GMail. They do emphasize the social features which is a bit of a turn-off for me (so I turned them off). I’m set in my ways, I just want email to be email.

Microsoft is on a bit of a roll this year with new versions on the horizon for their main desktop and server OS’s along with their flagship Office product.  Lot’s of change which will drive people nuts at times (myself included) but it’s nice to see them thinking about their software and being willing to change it.

Any Hotmail users out there with first impressions of

Setting Up SPF and Sender ID in Google Apps

I use Google App for Your Domain for my email, both my personal email and as email for the websites I run. I decided it was finally time to set up Sender Policy Framework (SPF) records and Sender ID. For differences between SPF and Sender ID you can read this. While they aren’t the same, the syntax and similarities make the steps for setting up each identical for our purposes.

What is SPF? From the OpenSPF website:

Even more precisely, SPFv1 allows the owner of a domain to specify their mail sending policy, e.g. which mail servers they use to send mail from their domain. The technology requires two sides to play together: (1) the domain owner publishes this information in an SPF record in the domain’s DNS zone, and when someone else’s mail server receives a message claiming to come from that domain, then (2) the receiving server can check whether the message complies with the domain’s stated policy. If, e.g., the message comes from an unknown server, it can be considered a fake.

What is Sender ID? From Microsoft’s Sender ID page:

The Sender ID Framework is an e-mail authentication technology protocol that helps address the problem of spoofing and phishing by verifying the domain name from which e-mail messages are sent

It’s important to note that while I have my own domains none of my servers send email, everything I send is from an email client. I don’t need to configure any other servers, just Google’s. So I can use Google’s instructions as the starting point for setting up the records. The important piece is: v=spf1 ~all.

Google recommends using ~all which indicates a “soft fail” if the sender doesn’t match the record. This means the receiving service should apply extra scrutiny but not reject the email immediately. It’s up to the receiving service what the extra scrutiny is and some of my reading indicated some services (like Hotmail) are prone to reject soft fails. The most logical reason I read was that is someone isn’t confident enough in their settings to use a hard fail then the receiving service isn’t likely to trust anything other than a pass result. So I’ll be configuring a hard fail which is –all. (hard fail is a dash, soft fail is a tilde) I did use the soft fail during testing and you may want to do the same.

The Sender ID record is the same except for the policy statement at the beginning.

[Update July 14, 2012: As Terry pointed out in a comment, Google’s SPF record has changed to ” v=spf1 -all”.]

My SPF record will be:

v=spf1 -all

While my Sender ID record will be:

spf2.0/pra -all

[Update July 14, 2012: It seems Sender ID is rarely used, mainly by Microsoft. The record listed here will be redirected but work, despite being technically wrong. See this.]

All that’s left is to add the records for the domain. The method varies by registrar. The SPF and Sender ID records get added as TXT records. Most of the domains I have in GAFYD use Slicehost DNS and they already have a good write-up on how to setup SPF records at Slicehost. I’ve added the procedures for some other registrars that I have access to.

After the SPF and Sender ID records have been added and allowed time to propagate you can use one of the testing tools to validate the records. I used the tester supplied by Port25 and sent an email to check-auth [at] A response is returned with the results of the tests.

These procedures assume GAFYD is already configured to send and deliver mail for you. Google provides good documentation on how to do this and I wrote up how I setup Google App for My Domain back in August of 2007.

Adding SPF and Sender ID at GoDaddy

  1. Fire up Domain Manager and go to “Total DNS Control” for your domain.
  2. Click the “Add New SPF Record button under the TXT section.
  3. Select “an ISP or other mail provider” and click OK
  4. Click the Outsourced tab
  5. Type into the text box for domains. Click the “Exclude all hosts not specified here” for a hard fail (-all). Click OK
  6. You’ll be asked to confirm the record that was generated. It should look like the SPF record I have above. Click OK to save the record.
  7. Now click the “Add New TXT Record” button to begin adding the Sender ID record.
  8. Type “@” (no quotes) into the TXT Name file
  9. Type (or paste) the Sender ID record into the “TXT Value” field.
  10. Change the TTL if you want, keep the value low for testing, you can change it from the default 1hr if you want. Click “OK” to save the record.
  11. Wait for the change to propagate. I my case I could test after a few minutes, but in some cases it can take awhile.

Adding SPF and Sender ID at Bluehost

Bluehost automatically adds SPF records that point to their servers but use the ?all mechanism. From Bluehost help:

We do allow customers to request custom TXT entries in order to help fight against spam.

So it appears you’ll have to open a support ticket and have them add the records. (I did not do this so I can’t confirm they’ll do it or if it works properly.)

Adding SPF and Sender ID at NameCheap and NameCheap FreeDNS

I believe these procedures should work but don’t have an email account that I can test with. FreeDNS is a service provided by NameCheap that allows you to manage DNS for domains registered elsewhere.

  1. Go the “Manage Domains” and either select “Your Domains” or “FreeDNS –> Hosted Domains” depending on which service you use. Then click on the Domain Name in the list. If the Domain is registered at NameCheap you’ll need to select “All Host Records” from the left menu bar. For FreeDNS you already see the All Host Records screen. From this point on the process is the same.
  2. Enter the information as shown below. The record is partially obscured due to its length, but it’s the same SPF and Send ID records we’ve been using.


Once you save the settings you’re done.

Adding SPF and Sender ID at Enom

I believe these procedures should work but don’t have an email account that I can test with.

Enom provides a “Add SRV or SPF Record” button button I found that using this only allows the addition of one TXT record for the @ host. I found that both records could be added by simply typing them on the main screen. Use “@” as the host name (no quotes).


You’re done once you click Save.

SPF and Sender ID at 1 & 1

It doesn’t appear SPF or Sender ID can be used for domains registered at 1 & 1. The DNS configuration is very limited and I found the following in their FAQ under “What is an SPF record?”

There is currently no implementation of these
policies planned for 1&1 domains.

If you need SPF on a domain registered at 1 & 1 it appears you’ll either need to transfer it or use a third party DNS service.

SPF and Sender ID at Moniker

I believe these procedures should work but don’t have an email account that I can test with.

  1. Log on and go to “My Domains”. Check the box next to the domain you want to manage and click the “IP” tab.
  2. Click on the domain name.
  3. Under “Add Zone Records” select TXT as the record type, enter @ as the host name and put in the spf or sender ID record for the address then click Add. Do this for both the Sender ID and SPF records.

Most hosts should use a process similar to one of the above.

I’d been holding off implementing SPF because I thought it would be a pain and cause problems. While looking into it I saw that Sender ID was easily implemented at the same time. In fact, because Sender ID will use the spf1 record is no spf2 record exists it’s recommended that Sender ID also be implemented at the same time (even if it’s only a record to say it’s not set up) because the spf1 record can cause problems with Sender ID. I previously linked to a detailed description of the differences which includes and explanation of why this is the same.

It’s also recommended that SPF records be added to domains that don’t send email. These records should indicate that the domain doesn’t send email in order to avoid it being spoofed by spammers.

SPF and Sender ID are complicated items but are easy to implement for someone like me who just uses GAFYD with desktop (or web) email clients.