So is it required by the internet that you have a SPF for your CRM or not?
I am sort of divided in this because when your company host it is* likely that CRM is already within the frame of IP addresses authorized* to send in SPF and adding the SFP mechanism "include:crm.something.com -all"
will in that case generate double entries of the already authorized IP’s.
The reason for this is that many companies chose to partition their server so it is multitasking and running several different business systems (CRM, corporate website, accounting, project management, sales etc. or whatever), so many the business applications basically share the same IP to get the most out of the server.
But on the other and when your CRM does send from https;//crm.example-domain.com
email servers around the will will do a DNS query and look up "crm.example-domain.com"
to see if:
1.) Does it have a SPF record for that domain?
2.) Is the domain name authorized to send through the IP’s /mail server?
and if you do not have it, it might fail your sent emails and being ditched in the cold dark place called the spam inbox or even worse - outright rejected and refused with a 550 by mail servers around the world.
Now if you do decide to add the SPF mechanism "include:"
it will also generate the trouble of double entries of the same IP which also might cause issues with deliverability as email servers might think your not fully legit or even spammer as the SFP record sort of fails. But on the same time now you are also fully authenticated and in theory your deliverability should increase because it might be better to have a DNS SPF record for your CRM than none at all.
Now this could of course be “easily” solved that you chose to setup a new VPS or a dedicated physical server exclusively for your CRM system which solves the issue as it will have its own dedicated IP.
Anyway; I’m torn.
Is it required this days that your CRM is listed in the DNS system and also have its own SPF record or not?
Thoughts?
Kind regards
PowerQuest