Nearly all spam email messages have fake sender addresses. They use fake address for several reasons – to remain anonymous, to make sure that undeliverable messages don’t bounce back to them, and to potentially deceive you into thinking that their fraudulent message is being sent by a legitimate company.
To combat this trend, many email providers have started using Sender Policy Framework (SPF) to make it more difficult for spammers to use fake addresses. The SPF records state that only specific mail servers are allowed to send mail for a specific domain name. You can find more information on SPF records here:
For example, an SPF record for ‘estreet.com’ would state that our mail server is the only mail server authorized to send mail for any ‘@estreet.com‘ email accounts.
If a spammer tried to send a message from their mail server using a fake ‘estreet.com’ email address their spam message wouldn’t get delivered. This is because the recipient’s mail server would check the SPF record for estreet.com and they’d see that the spammer was not sending their message from an authorized mail server so the spam message would then be rejected for violating the SPF record.
The downside to SPF records is that sometimes it can negatively affect legitimate mail. This shouldn’t happen, but sometimes people send their email using a different mail server than the mail server that is being provided by their email host. If someone tries to send mail using a mail server that is not specifically authorized by their email host’s SPF record then that sender’s email message will not be delivered.
Our E Street Spam & Virus Filter checks SPF records and sometimes legitimate mail gets blocked by our filter because the sender is violating their email host’s SPF records. If someone says they sent you a message but you didn’t receive it (and it didn’t show up in your spam quarantine) then there’s a good chance that the sender was blocked due to SPF. If you suspect that may be happening you can go into your E Street Spam & Virus Filter preferences and Whitelist that email address or domain, which will tell the filter to allow that sender to send mail to you, even if they’re violating the SPF records.
To add an email address or domain to your Whitelist:
- Log into your spam quarantine:
- Username: your full email address
Password: If you don’t remember your spam quarantine password – click Forgot your Password? enter your email address in the Username field and then click “Send” to have your spam quarantine password emailed to you.
- Once logged in, click on the “Filter Rules” and “User Allow List” tab at the top to manage your Whitelist for emails and domain names.
- Enter the sender’s full email address (or domain name) and then click “Add”.