How do I create a SPF record for Phishing?
The Phishing tool allows customers to send phishing campaigns using several different “canned” domains as well as the customer's own domain name. However, it should be noted that while this is possible, there is a high likelihood that these messages will be marked as spam or rejected by your mail server completely. This is usually because the Phishing Mail Server(s) is not listed in the customer's SPF records.
For example, this is the SPF record for stratumsecurity.com:
stratumsecurity.com descriptive text "v=spf1 mx a include:spf.google.com ipv4:126.96.36.199 include:google.com ~all"
This specifies that only IP addresses with the reverse of spf.google.com and the IP address 188.8.131.52 are permitted to send emails using stratumsecurity.com in the From: field. If an email message is sent from an IP address not listed in the SPF record with stratumsecurity.com in the From: field, spam filters are very likely to mark the message as spam.
Additionally, if you use a domain name that is a mis-spelling of your real domain name (e.g. companyy.com vs. company.com) if there is no reverse DNS entry for companyy.com your mail server will likely reject the email completely.
We recommend that customers who wish to send campaigns using their own domains in the From: field add an SPF entry for the Phishing email servers 184.108.40.206 (mailer1.threatsim.com) & 220.127.116.11 (mailer2.threatsim.com).