Koha How-To
All about email - Part 2
by Mitch Morrison on Aug 10, 2020
This is the second of a series of blog posts devoted to email issues and how ByWater Solutions supports your Koha email capabilities. In this post, we begin to look at how email systems determine if your email should be delivered or rejected.
One of the common problems libraries run into with their Koha is delivering messages to patrons. While staff email seems to flow easily there are many issues that can impact the ability to deliver outside of your library. As various municipalities and schools are relying on email as official communication methods their IT departments will take steps to guarantee the validity of email being from their domains. If they have not taken into consideration your Koha, they will implement a policy that will impact the ability for you to deliver messages to your patrons.
Email systems use a variety of Domain Name Service (DNS) records to determine if your mail should be accepted. Today we look at the primary method defined in RFC 7208, the SPF record.
SPF - Sender Policy Framework
The first attempt designed to halt the spread of fake email is the SPF record. SPF is a TXT record in your DNS system that is formatted to tell email servers if an email you send is allowed from your Koha instance. It typically will look something like this:
"v=spf1 a mx include:example.com ~all"
To understand what this is saying you must parse it. It is fairly easy to break down.
v=spf1 - This says that the version of this Sender Policy Framework is version 1 format
a - This states that if your domain has an A record, that IP address is allowed to send mail
mx - This states that all the servers that are allowed to receive your email are also allowed to send an email for you
include:example.com - This says that mail that comes from servers in the domain example.com are allowed to send an email for your domain
~all - This last piece of information describes the action that should happen if mail comes from anywhere else. It will be set to either ~all or -all. ~all will state that although the sender is not authorized to send an email for your domain, it should be set to a “soft fail.” In this case, the mail will be delivered, but the email system will consider it highly likely that this message is spam.
The -all are treated more harshly as it is considered a “hard fail.” This tells the email system that this message is to be summarily rejected and not delivered.
Since many organizations hire email providers to handle email services, the IT folks will limit the SPF record to only the providers. Fortunately, there is a method to add your Koha to the list. You will need to determine the public IP address your Koha is using. If we assume you are using 172.98.64.84 have your IT staff modify their SPF record to include it. It should look like this:
"v=spf1 a mx include:example.com ip4:172.98.64.84 ~all"
This then guarantees that your patron emails will be allowed for delivery. If your IT department will not modify their SPF record to allow your Koha to send emails, then they should provide you with an email relay server you can use to send though. The caveat is that oftentimes those relay systems will be limited as to how many emails you can send a day and how quickly they will send them. If this is required for your Koha, Bywater Solutions will help get that set up with assistance from your IT department.
Next time we will dig into the things you should do to make sure that your delivered emails are not marked as SPAM.
More in this Blog Post Series
Read more by Mitch Morrison