When configuring Sender Policy Framework (SPF) records for email marketing, a common question arises regarding whether to set them up at the root domain or for a dedicated subdomain. The consensus among deliverability experts and practitioners is clear: SPF records should primarily be configured for the specific domain or subdomain used in the Return-Path (also known as the Envelope From) address, not necessarily the visible From header. This typically means setting up SPF records on subdomains for email marketing, rather than the root domain, to prevent issues like authentication failures and improve sender reputation.
Key findings
No inheritance: SPF policies do not inherit from a root domain to its subdomains. Each domain or subdomain used in the Return-Path requires its own dedicated SPF record.
Return-path focus: SPF validation specifically checks the Return-Path (or Envelope From) domain, not the visible From header.
Subdomain benefits: Using subdomains for email marketing helps to compartmentalize sending reputation, protecting your main domain from potential deliverability issues associated with marketing campaigns. This approach provides a clear structure for organizing different email types and can significantly improve email deliverability.
Outdated advice: Historical recommendations to set up SPF at the root domain, often citing Microsoft-related reasons, are largely outdated and not considered current best practice.
ESP collaboration: When using an Email Service Provider (ESP), they often guide the SPF setup for the custom return path (subdomain) they utilize.
Key considerations
Custom return path: If your ESP provides a custom return path (e.g., bounce.yourdomain.com), you must configure SPF specifically for that subdomain. Refer to our guide on whether a subdomain needs its own SPF record.
Multiple sending sources: Each distinct email sending source (e.g., transactional emails, marketing emails from different ESPs) requires its own SPF record configured for its respective return path domain.
Domain reputation: Using separate subdomains for different email streams, such as marketing and transactional emails, is a key strategy for protecting your sender reputation.
DMARC and DKIM: While SPF is tied to the return path, ensure your DKIM and DMARC configurations also align correctly with your sending domains and subdomains for comprehensive email authentication.
Email marketers often navigate the complexities of SPF records with a primary concern: ensuring their emails reach the inbox without impacting their brand's overall domain reputation. Many marketers have experienced confusion, especially regarding where SPF records should reside, stemming from past advice or simplified support instructions. However, the overarching sentiment is that leveraging subdomains for email marketing is a strategic move to enhance deliverability and mitigate risks, regardless of the scale of their email operations.
Key opinions
Subdomain necessity: Many marketers believe that all businesses sending emails, regardless of list size, should consider setting up a dedicated sending subdomain to optimize deliverability.
Reputation protection: A key driver for using subdomains is the ability to isolate the reputation of marketing campaigns from the main domain, thereby protecting the core brand's email sending health.
Deliverability improvement: Marketers recognize that email subdomains are powerful tools for improving email deliverability and overall email performance and for maintaining sender reputation. This is highlighted by various industry guides.
Confusion points: There's common confusion about whether SPF records should apply to the Header From or Envelope From addresses.
Key considerations
Understanding SPF application: It's crucial for marketers to grasp that SPF validation occurs against the Envelope From domain, not the Header From domain, to ensure correct configuration.
Simplifying support: While simplified advice might have been given in the past, marketers should seek to understand the technical nuances of SPF to ensure optimal email deliverability.
Strategic subdomain use: Marketers should actively implement separate subdomains for different email streams, such as marketing or transactional, to strategically manage and protect their sender reputation. Further details can be found in our article on using subdomains to protect your main domain reputation.
ESP guidance: Marketers should follow the specific SPF configuration instructions provided by their ESP for custom return paths to ensure proper authentication and alignment.
Marketer view
Marketer from Email Geeks seeks to understand the best practices for SPF record setup, especially regarding subdomains and root domains for email marketing, as they navigate the intricacies of email deliverability.
08 Aug 2024 - Email Geeks
Marketer view
Email marketer from Mailmodo explains that subdomains provide a clear structure for organizing different types of emails, helping to protect sender reputation and improve overall deliverability.
15 Sep 2024 - Mailmodo
What the experts say
Deliverability experts universally agree that SPF records do not exhibit inheritance, making it crucial to set up distinct records for any subdomain used as an Envelope From address. They strongly advise against configuring SPF for an Email Service Provider (ESP) at the root domain, deeming it outdated and potentially harmful advice. Experts highlight the critical distinction between the visible From header and the Return-Path for SPF validation, emphasizing that SPF records are solely relevant to the latter.
Key opinions
No SPF inheritance: Experts confirm that SPF policies are not inherited from a root domain to its subdomains; each must have its own record.
Worst practice for root domain: It is considered worst practice to set up an ESP's SPF record at your root domain.
Return-path specificity: SPF records are only relevant to the domain used in the Return-Path or bounce domain, not the From header. This is a common source of confusion.
Outdated advice: Any advice suggesting SPF setup at the root domain for ESPs is severely outdated, dating back to the early 2010s.
Per-source configuration: SPF needs to be configured for each unique source of mail flow, as return paths are source-specific. This means building separate SPF records for all relevant domains and subdomains.
Key considerations
Envelope from alignment: SPF must be set up for the domain used in the RFC5321.MailFrom address, which is the Envelope From. Our guide on the full form of SPF in email provides more context.
EHLO domain: In certain scenarios, SPF might also need to be configured for the domain used in the EHLO command, though this is often controlled by the ESP.
ESP guidance for custom paths: If an ESP provides a custom return path, they should guide the necessary SPF configuration for that specific subdomain.
DKIM configuration: While multiple ESPs will require separate SPF records and MX records for their return path domains, they can use the same d= for DKIM, but with separate selectors and public DKIM keys. For more on this, see how to configure SPF, DKIM, and DMARC with subdomains.
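The lookup rules described above (no inheritance, Return-Path rather than header From, and the EHLO fallback) can be checked against a DNS snapshot. The following is an added example, not code from any ESP or from the sources quoted here; the domain names, the records in TXT and the function names are constructed placeholders.

```python
# Added example. Constructed DNS TXT snapshot; every name and record is a placeholder.
TXT = {
    "example.com": ["v=spf1 include:_spf.corp.example -all", "site-verification=abc"],
    "bounce.example.com": ["v=spf1 include:spf.esp.example -all"],
    "mta1.esp.example": ["v=spf1 a -all"],
}

def spf_domain(mail_from, helo):
    """Domain a receiver evaluates SPF against. The header From is not an input."""
    addr = mail_from.strip().strip("<>")
    if not addr:  # null reverse-path (bounces): RFC 7208 falls back to the HELO/EHLO name
        return helo.lower().rstrip(".")
    return addr.rpartition("@")[2].lower().rstrip(".")

def spf_records(name, txt):
    """SPF records published at exactly this name."""
    return [r for r in txt.get(name, []) if r.lower().split(" ")[0] == "v=spf1"]

def ignored_parent(name, txt):
    """Nearest parent that has an SPF record. Receivers never consult it."""
    labels = name.split(".")
    for i in range(1, len(labels) - 1):
        parent = ".".join(labels[i:])
        if spf_records(parent, txt):
            return parent
    return None

def audit(mail_from, helo, txt=TXT):
    """Report which name is checked and what the receiver finds there."""
    name = spf_domain(mail_from, helo)
    found = spf_records(name, txt)
    if len(found) == 1:
        return {"checked": name, "result": "evaluate", "ignored_parent": None}
    if found:  # more than one v=spf1 record at the same name
        return {"checked": name, "result": "permerror", "ignored_parent": None}
    return {"checked": name, "result": "none", "ignored_parent": ignored_parent(name, txt)}

if __name__ == "__main__":
    for mf in ("bounces@bounce.example.com", "news@mail.example.com", "<>"):
        print(mf, audit(mf, "mta1.esp.example"))
```

A result of "none" with a non-empty ignored_parent is the misconfiguration this page warns about: the root domain has a record, but the Return-Path subdomain does not, so the message carries no SPF authentication.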
Expert view
Expert from Email Geeks clarifies that SPF does not inherit policies from parent domains, meaning an SPF record at a root domain will not be checked for a subdomain used in the Return-Path.
08 Aug 2024 - Email Geeks
Expert view
Email expert from AutoSPF.com emphasizes that it is crucial to build separate SPF records for all your domains and subdomains rather than relying on inheritance, due to various drawbacks.
10 Aug 2024 - AutoSPF.com
What the documentation says
Official documentation and technical guides consistently emphasize that SPF records must be defined at the specific domain or subdomain used as the Return-Path (envelope sender) for email authentication. They clarify that SPF does not implicitly apply from a parent domain to its subdomains, necessitating separate TXT records for each sending subdomain. The use of subdomains is widely supported as a best practice to enhance deliverability, maintain sender reputation, and provide clear email traffic organization by isolating different types of email sends.
Key findings
Explicit SPF for subdomains: Documentation confirms that if subdomains are used for email, it is important to set up SPF records for each, considering their specific sending requirements.
TXT record configuration: To set up an SPF record for a subdomain, a TXT record must be created in the DNS settings that specifies the authorized mail servers. Learn more about this in our article on setting up SPF and DKIM for new subdomains.
Security and delivery enhancement: Setting up SPF (and DKIM) for email subdomains is vital for improving both email security and overall delivery rates.
Reputation and deliverability: Subdomains can enhance deliverability by separating email traffic, which helps in increasing the sender's specific reputation and fostering better inbox placement. This is a key reason why subdomains are used for email.
Key considerations
Avoiding inheritance assumptions: Do not assume SPF records on the root domain will cover subdomains. Each requires explicit configuration.
DNS settings: Properly setting up SPF records involves creating or modifying TXT records within your DNS settings for each relevant subdomain. See our guide on best practices for DNS lookups and SPF.
Segmenting email traffic: The strategic use of subdomains allows for better segregation of email types, which helps in managing individual sender reputations more effectively.
Comprehensive authentication: Ensure that SPF, DKIM, and DMARC are all correctly configured for each sending subdomain to achieve full email authentication and optimize deliverability.
Technical article
Technical documentation from Mailgun explains that SPF records enhance the security of your sending domain by authenticating the IP addresses authorized to send mail on its behalf, playing a critical role in preventing spoofing.
10 Aug 2024 - Mailgun
Technical article
Technical documentation from AutoSPF.com outlines that to configure an SPF record for a subdomain, a TXT record must be created in DNS settings, specifying the authorized mail servers, which is essential for proper authentication.