Skip Navigation
Expand
SPF and Sender ID considerations with Oracle B2C Service sites
Answer ID 2489   |   Last Review Date 05/24/2023

What are SPF and Sender ID and how do they affect our Oracle Service Cloud site?

Environment:

Sender Policy Framework (SPF)

Resolution:

Sender Policy Framework (SPFv1) and Sender ID (also known as SPFv2) are two email authentication technologies that use Domain Name System (DNS) to specify which servers are allowed to send email on behalf of a particular domain name. The two technologies share common heritage and are almost identical in how they work. The main difference is how the receiver determines who (what domain) is the sender. SPFv1 uses the domain in the envelope sender address (the MAIL FROM: portion of an SMTP transaction), while Sender ID uses the Purported Responsible Address (PRA).

For your Oracle B2C Service mailboxes, you will need to publish an SPF record if the domain specified in the Envelope From/Bounce Address field in the console is branded to your organization's domain. If you only edit the Friendly From/Branded Address field of the hosted mailbox, then this answer does not apply. However, if you do change the Friendly From/Branded Address field, you will need to set up DKIM. Please see DomainKeys and DKIM email authentication configuration.

Note: If you set the configuration IFWD_UI_FROM_ADDR to 3 allowing forwards to be sent using your agent's personal email addresses, you will need to verify that the domain used by your agents email addresses also publishes the SPF record like the above scenarios.

For more information and complete procedures, see Email Management in the online documentation for your release. 

How do I implement this SPF change?

Option 1, to use when an SPF record does not currently exist for your domain 

The following example shows what you should publish in your SPF record. This example applies to Service email as well as Outreach and Feedback email. 

Example: As the director of customer service for Widgets R Us, you want to send email from your hosted Oracle B2C Service site to your customers, and you want to brand your email so that your customers see "offers@widgetsrus.com" in the email's From address.

Action: Define SPF records in the widgetsrus.com DNS as follows:
widgetsrus.com IN TXT "v=spf1 include:rnmk.com ~all"

Note: You must add your own domain in your SPF record (e.g. widgetsrus.com as seen above).  Also there is a maximum of 10 lookups in an SPF record.

In this example, hosts identified in the rnmk.com SPF record are allowed to send on behalf of widgetsrus.com. The final entry, "~all" defines the policy that will be used. In this case, all email originating from hosts listed in the rnmk.com SPF record that use the domain in the example will be accepted as legitimate sources of email for widgetsrus.com. If the receiver identifies email coming from a host that is not listed in the SPF record, the receiver should soft fail those emails.

Option 2, to use when you have an SPF already and are providing permission for Oracle B2C Service to send emails using your domain 

If you already have an existing SPF record you would modify your existing SPF record and not try to publish multiple SPF records.  As mentioned above, there is a maximum of 10 lookups, and adding include:rnmk.com will currently add 3 total lookups.  If this is too many, an alternative is to add exists:%{i}.spf.rnmk.com which will add just 1 additional lookup.

We do not provide email IP addresses for SPF records since email IPs can change without notice.

Full Specifications
For more information on SPF, see http://www.open-spf.org/ and http://www.rfc-editor.org/rfc/rfc4408.txt
For more information on Sender ID, see https://docs.microsoft.com/en-us/exchange/antispam-and-antimalware/antispam-protection/sender-id?view=exchserver-2019