Environment
Polaris Hosted
Symptoms
A library may be receiving bounce backs or patrons not receiving notifications.
Cause
As mail providers increase their security stipulations, e-mails from Polaris hosted may be blocked. To mitigate this, the affected site needs to add an entry to their SPF record.
This record will give permission for SMTP.iii.com to send mail on behalf of your domain (as indicated in your sending address designated in SA)
Resolution
Part 1: General information about SPF records
Part 2: Additional email settings in Polaris System Administration
Part 1: General information about SPF records
What is an SPF record and why is it important?
Sender Policy Framework or SPF is essential to having a good email reputation. The SPF DNS (domain name system) record for your library’s domain lists the IPs of the servers that are authorized to send e-mail on your library’s behalf.
This means that when an e-mail provider receives an e-mail from our server with the FROM address indicating it’s from your library (e.g. notices@library.org), the provider will look for an SPF record to do an authentication check to protect against spam, phishing and spoofing. If the authentication check fails, it will hurt our email server’s reputation and can result in our server’s IPs getting blocked or blacklisted.
How to create a SPF record?
You need to work with your local IT or have access to sign into your domain’s management console. A SPF record is a type of TXT record that gets published on your domain’s DNS. Different DNS providers have slightly different configurations on how to create and manage an SPF record.
Below is a link to a blog that describes how to configure SPF records and an SPF record generator:
https://easydmarc.com/blog/how-to-create-an-spf-record/
To authorize the Innovative email server to send PowerPAC and patron notice send e-mail on your library’s behalf please add the following to your SPF record:
include:smtp.iii.com
An example of a full SPF record, with the above include value, might look like:
v=spf1 ip4:12.345.6.789 ip4:1.2.3.4 include:smtp.iii.com ~all
TIP: SPF TXT record starts with the SPF version indicator (v=spf1) followed by all the ‘whitelisted’ IP addresses (ip4:) and third party domains to include (include:) that are authorized to send emails on a domain’s behalf, ending with an all tag.
There is a difference between ~all and -all. Simply stated ~all will allow emails sent from IPs and domains not listed in your SPF record, but will flag the exception. While -all will reject an email sent from an IP or domain not listed in the SPF record. More below:
-all (Fail): email from servers / IP addresses, not listed in the SPF record, should be rejected
~all (SoftFail): emails from servers / IP addresses, not listed in the SPF record, should be accepted but marked
NOTE: Your library system, or consortia, may own multiple domains (e.g., multiple @library.org addresses). You will need to have an SPF record allowing smtp.iii.com for each domain.
Helpful links to popular DNS provider documentation in creating SPF records:
- GoDaddy - https://www.godaddy.com/help/add-an-spf-record-19218
- NameCheap - https://www.namecheap.com/support/knowledgebase/article.aspx/10459/2254/video-how-to-add-an-spf-record-for-a-domain-in-your-namecheap-account/?gclid=EAIaIQobChMI-rPbxNnT-wIVwvLjBx3bkAB4EAAYASAAEgIZ0PD_BwE
How do I know the library already has an SPF record and/ or if it is configured correctly?
You can check the configuration of your record by entering your library’s domain(s) into mxtoolbox.com: https://mxtoolbox.com/spf.aspx
Hint: Domain name value would be the value after @ in the sender's email. For example, library.org.
Below is a simplified example of the record check results:
Part 2: Additional email settings in Polaris System Administration
There are setting in Polaris System administration to configure the email FROM and REPLY TO values for the PowerPAC and patron notices e-mails.
The e-mail address for sending e-mails from the PowerPAC (e.g., for patrons sending title lists to themselves) can be found in Polaris under:
Administration Explorer –> Profiles –> PAC –> Email notification: Email address of sender
*This can be set at the System/ Library/ or Branch level
The e-mail address set for sending patron notices can be found in Polaris under:
Administration Explorer –> Parameters –> Notification –> Notification Options under General E-mail Notice Settings, From field.
It is also very important that the “Reply-To” address set for notices is a valid inbox that you own so that you will receive bounce backs. This does not need to be the same as the “From:” address, but it does need to be a valid email. Maintenance to remove bad email address from your patron records is important to overall email reputation.
If you have any questions or concerns, please create a ticket for Customer Support and we will be happy to help.