Policy Regarding E-mail sent from our servers
The ever increasing onslaught of e-mail SPAM is forcing us to more formally adopt a set of policies regarding e-mail that is sent from our servers. The adoption of an emerging open standard called Sender Policy Framework or SPF by large e-mail providers or broadband providers has caused significant problems with messages sent by our servers where the "From" is not an e-mail account on our servers.
SPF is attempting to stop e-mail forgery where a spammer anywhere in the world pretends to be sending messages from you! I regularly receive obvious SPAM messages that are addressed from me (email@example.com) or e-mail addresses of our clients. Their goal is to trick the recipient into thinking the e-mail is from a friend or business associate.
We indend to work with our existing clients to make appropriate changes and will implement the following with all new websites.
- We will NOT configure web applications such as shopping carts, newsletters, etc to use a "From" mail address that is not a local address on our server (i.e. using firstname.lastname@example.org).
- You will need a regulare e-mail account on your website for mail sent from shopping carts, newsletters, etc.
- We will NOT configure e-mail forwarders for these applications to have a local e-mail address that simply forwards the message to another e-mail address.
- Our group mailer will be configured with a "From:" address that is a local "catch-all" e-mail box. Note: the e-mail message will still have the "Reply-To:" set to the sender's regular e-mail address so normal e-mail reply will work fine, but error replies will bounce to the local mailbox.
- We've never had a problem with this in the past but CANNOT allow our clients to send SPAM.
SPF works on the principle that receiving mail systems will voluntarily check with the owner of sending domain names (i.e. the domain in the From: address) to see if the sending server's IP address is one that is approved by that domain. SPF is not about stopping all of SPAM but is about stopping SPAM that forges legitimate e-mail addresses as the sender.
Suppose a spammer is forging my e-mail address (email@example.com), sending a SPAM message or viral load to thousands of e-mail addresses including you, from their local broadband service. Your e-mail service (hotmail, gmail, comcast, aol,...) receives the message from the spammer's broadband server. Your e-mail service then looks at the From: address and sees that it is someone named fred at fredsusedwebsites.com. It checks the SPF records published by fredsusedwebsites to see if the spammer's server is allowed to send messages on behalf of fredsused websites. If not the message is trashed right there and you never see it!
The same thing now happens if, for example, we try to configure your aol address as the sender of messages from the Zen shopping cart on your site. The recipient's service checks with aol, finds out that our servers are not allowed to send messages on behalf of aol addresses, and trashes it.
We can configure SPF on our servers for your website domain to allow messages to be sent to your website e-mail boxes from other services such as your broadband provider. We CANNOT change who other e-mail services (aol, hotmail, yahoo, etc) allow as senders!
If you read e-mail on your PC or Mac using an e-mail client such as Outlook, Mozilla Thunderbird, Mac Mail, Windows Mail, etc; you can easily configure these to send/receive mail from multiple services. We simply create a local e-mail account on your webserver, configure the website apps with it, and you configure your client to use it -- problem solved.
If you use a web based client such as hotmail, yahoo, or one provided by your broadband supplier, the problem becomes a bit more difficult. Some but not all of these can be configured to read/send mail from another service. Google's gmail is a web-mail client that we know can be configured this way.
We are NOT experts on all the mail clients and webmail clients that exist in the world. We might be able to suggest how to get started on some, but otherwise you should check with support from your webmail or mail client provider. There are also a number of local "computer specialist" companies that can help you with your home computer problems. If you want us to configure your e-mail environment for you, we will charge our standard rate - see our services prices.
In the past we have created e-mail forwarders on your website. Forwarders are a way to just pass on an e-mail, that was sent to an address on our servers, to another e-mail address. For example I can create a forwarding e-mail address firstname.lastname@example.org that will automatically forward the message to email@example.com.
Forwarding worked well in the past and would have been a solution to our SPF problem except that, because of SPAM, this is no longer reliable.
Spammers often build e-mail messages with nothing in the "To:" portion of the message or at least don't have your address in the "To:" or "Cc:". SPAM filters in your particular e-mail service or e-mail client often will look to see if your real e-mail address is liste in the To: or Cc: fields and will consider it spam.
So, using my example above, when Yahoo receives the message for firstname.lastname@example.org it will see that the message was sent to email@example.com but firstname.lastname@example.org is nowhere in the message. Yahoo then drops the message directly into the spam folder.
It might be possible to configure your e-mail service to accept messages that have the To: set to some other address. Again we are NOT experts in all these other services and cannot help you make forwarding work with your e-mail service.
Bottom line is that we can configure forwarding for you but will not guarantee this to work, and will charge our regular service rates to attempt to solve problems related to lost messages to a forwarded address.
We do NOT permit our clients to use our servers to send SPAM. Our websites provide features that have the potential to be considered SPAM if abused! Our datacenter server provider has a zero tolerance for the use of those servers to send SPAM - see note in terms and conditions.
Not only are we opposed to spamming, but there is the very real risk that our server will be blacklisted. causing very real problems for legitimate mailings from you and other websites sharing the blacklisted server.
Features such as our group e-mail, newsletter, shopping cart, etc are intended to facilitate sending messages to individuals that know you and wish to receive messages from you. We expect that when you add or approve new users for your site or add to a newsletter list, you verify that those individuals really DO wish to receive group messages or newsletters from your site.
If you receive a request from someone to be removed, you should immediately honor that request. If you are not sure how to do this, contact us -- we will not charge to tell you how to disable an e-mail address!
If Fred's Used Websites receives a complaint from someone who has received unsolicited e-mail from one of our client's websites, we will immediately disable that e-mail address on your site and contact you about the issue.