The Sender Policy Framework (SPF) validation method was created in order to detect email spoofing. It works simply by checking if a sender is allowed to send emails on your behalf. By adding Phishing Tackle to your SPF records you enable us to send simulated phishing emails on your behalf and reduce the chances they will be marked as spam.
NOTE:
You must first disable return-path headers in your account settings for this guide to work correctly. See this guide to learn how to do so.
Add the information below to the SPF entry within your domain's DNS TXT record to allow Phishing Tackle's mail servers to send emails on your behalf:
include:_spf.tacklephishing.com
Please Note:
-
- The underscore "_" is required.
- The domain is deliberately "tacklephishing.com" not "phishingtackle.com".
- The underscore "_" is required.
An example of the SPF record in use with a soft fail (using GSuite as the mail server) would be as such:
v=spf1 include:_spf.google.com include:_spf.tacklephishing.com ~all
How to bypass the 10 DNS lookup limit in SPF records
If you find you have reached the DNS lookup limit you will need to add Phishing Tackle's IP address ,instead of the above information, to your SPF record. Our list of IP addresses can be found here.
An example of the SPF record with a soft fail on Phishing Tackle's mail server (using GSuite as a mail server) is as follows:
v=spf1 include:_spf.google.com ip4:52.56.150.127 ~all
We recommend sending a test phishing email (which spoofs your domain) to a single recipient (or small group of recipients) after updating your SPF records.
Allowlisting can be complicated so if you require any further assistance, please contact our support team by clicking here.