Advertising mail is probably the first type of direct marketing used to sell a product directly to the consumer. It was also the first to be termed Junk mail, since it was over abused by marketers, and people started seeing it as a nuisance.

Advertisements are found in newspapers and magazines mixed up with interesting articles where the ratio of articles to advertisements varies depending on the publication, with some publications having a section for adverts, whereas others having articles hiding a discreet marketing message.

Radio and TV commercials are another nuisance that we have to endure on a daily basis. Some stations are dedicated to simply selling stuff, whereas others mix their ads into the mix of Indiana Jones movies, CSI TV series and Jerry Springer talk shows.

There are other similar techniques used to promote a product or brand. These include door to door leaflet delivery, broadcast faxing, cold calling aka telemarketing, voicemail marketing and last but not least billboards.

While writing this article, I recalled the frustration I felt every time my Rambo film was paused in the middle of the action or the countless ad pages I have to lead through in a newspaper to get to the Sports section at the end. But at the same time, we are tolerant to such marketing content. However we treat spam very differently – we do our best to stop that. Why do we need to subscribe in order to receive spam? I never subscribed to the billboards on the side of the highway.

Compared to all the marketing techniques described above, email marketing is the cheapest way of sending a marketing message to millions of people. Being so cheap, it is the tool of choice for marketing teams with a small budget trying to sell cheap products. Most of the times, such products do not deliver what they promise.

Most of the marketing techniques described above deliver something useful. This is true for newspapers, magazines, TV and radio. These media would not be free, or would be much more expensive had it not been for the ads.

Unfortunately with email marketing, you run the risk of being exposed to malware and fraudulent emails. Worms and viruses often make use of email and spam techniques to propagate. Phishing emails and Nigerian 419 scams are examples of fraudulent emails which try to harvest either your money or your personal information including credit card details.

Similar to junk mail received at your home mailbox, spam frequently gets mixed up with emails from friends, colleagues, and bosses. And probably this is the thing that we hate most about spam – the fact that it is sometimes difficult to distinguish a legitimate email from a spam email at first glance.

So while email marketing is the tool of choice for most marketing teams, it does require stringent regulations to ensure that it does not get abused. Some countries have updated their regulations to cover spam, but others still have to catch up. In any case, regulations are not stopping cheap email marketers and fraudulent emails and until that happens, it is wise to make use of a good anti-spam product.

This happens when you load an image from your backup. This will sometime cause network connectivity issues, due to the fact that other network adapters will still be configured (hidden) in the device manager which still lock your IP address. This will also cause the issue whereby although you configure the current network adapter (as seen in the Device Manager), no network activity can be achieved. Unfortunately these devices will not show directly in your device manager, so the following steps must be taken.

This can easily be removed by opening the command prompt with administrative access and typing the following command:

set devmgr_show_nonpresent_devices=1
start devmgmt.msc

This will start the Device Manager. It is important to start the Device Manager from the same command prompt, since it will lose the setting to show the non present devices. If you open the Device Manager from the Control panel, the hidden devices will not show.

When the Device Manager loads, from the File menu, expand the View and select the Show Hidden Devices option. This will enable and show any old un-used devices in the window. From here, expand the Network Adapters node and you can right click on the devices which are extra and delete them accordingly.

Another method which can be used to identify the hidden devices is a free tool from Microsoft called ‘devcon’ which is a command line alternative to the Device Manager, but it will not work since it only removes present devices. Maybe Microsoft will be adding this feature in the future releases of the tool, but for now, although it will show hidden devices, it is not capable of removing them. It will give an error saying ‘Remove failed. No devices removed.’

After this is done, your network adapter will be free and you can set up the correct network settings. This method of hidden device removal can be used for any type of device. Since this option may come in handy in your daily job, it would be best to configure the setting to show non-present devices in the Environment Variables from the system properties so that every time the server is loaded, the setting will be automatically configured and you will be able to see the hidden devices without running through the above commands. This can be set by clicking the New button in the System Variables frame and in the variable name enter ‘devmgr_show_nonpresent_devices’and in the variable value enter ‘1’.

After this is done, your network adapter will be free and you can set up the correct network settings. This method of hidden device removal can be used for any type of device. Since this option may come in handy in your daily job, it would be best to configure the setting to show non-present devices in the Environment Variables from the system properties so that every time the server is loaded, the setting will be automatically configured and you will be able to see the hidden devices without running through the above commands. This can be set by clicking the New button in the System Variables frame and in the variable name enter ’devmgr_show_nonpresent_devices’, and in the variable value enter ‘1’.

Creating an SPF record for your domain

The procedure outlined below can be divided into several stages:

1. Determine domain name which is used to send emails to the internet
2. Determine the public IP address(es) that are used to send emails
3. Create your SPF
4. Publish the SPF record in your DNS Server

Determine the domain name which is used to send emails to the internet

An SPF record is created for a domain, therefore you need to first identify what domain is used when emails are sent to the internet from your domain. The domain is the last part of your email address.  For example:

Email Address: user[at]gfi.com
Domain: gfi.com

Determine the public IP address(es) that are used to send emails

In order for SPF to determine that an email has been received from a legitimate sender, it will check the sender mail server IP address and compare it to the content contained in the SPF record. In order to properly configure an SPF record, you will need to obtain all the public IP addresses which are used to send emails to the internet from your domain.

Create your SPF record

The wizard found at http://www.openspf.org/ offers a step by step wizard which explains how to create your SPF record. The following procedure will guide you through the wizard:

1. Open http://www.openspf.org/ using an Internet Browser
2. In the ‘Deploying SPF’ section, enter your domain which will be used for the SPF record and click ‘Go!’
3. Complete the form with the details required to create your SPF Record.
4. Once completed; confirm the data you have entered is correct, click on the ‘Continue’.
5. The SPF record text will be shown at the bottom of the form.

Publish the SPF record on your DNS Server

In order for the SPF record to be queried, it must be published on the authoritative DNS server for your domain. The DNS Server could be hosted locally within the organization or managed by your ISP.

If your DNS records are managed by your ISP, you will need to provide the text from the SPF Setup Wizard to your ISP and ask them to add it to the TXT record of your domain.

If the domain is hosted on a local DNS server, you should manually add the TXT SPF record to your DNS Server. The following procedure explains how to add a TXT SPF record on the DNS server included with Windows 2003 Server:

1. Login to the DNS server using administrative privileges
2. Open the ‘DNS’ Console in ‘Administrative Tools’
3. Expand ‘DNS’ > ‘Forward Lookup Zones’
4. Select and open the domain in which you wish to add the SPF record. Right-click in the record list and select ‘Other New Records..’ from the menu.
5. Select the ‘Text (TXT)’ record and click on the ‘Create Record…’ button
6. Type the SPF record data in the ‘Text’ textbox. Click the ‘OK’ button.
7. Click on the ‘Done’ button to close the window and the SPF record is added

How does SPF work?

The basic idea behind Sender Policy Framework (SPF) is simple: whenever an email is received a check is made to see if the server which sent it is allowed to send emails on behalf of the senders’ domain.

For example: you receive a message from ‘somebody@somedomain.com’ from a machine with IP ’121.122.123.124′. SPF works by asking ‘somedomain.com’ if ’121.122.123.124′ is allowed to send email on its behalf.

For SPF to work, the sender’s domain (‘somedomain.com’ in this example) must publish, via DNS TXT records, the hosts which are allowed to send email on its behalf. Thus SPF requires both sender and recipient collaboration. If this information is not published, then SPF will return ‘unknown’, or ‘none’.

SPF checks the last external IP. If GFI MailEssentials is installed on a machine in the perimeter then the last external IP is easily obtainable by checking the IP of the mail server that connected to Internet Information Services (IIS).

If GFI MailEssentials is not installed on the perimeter server, you need to configure the perimeter SMTP servers that are receiving emails from the internet. GFI MailEssentials will parse the message headers for the ‘Received lines’ which will contain the IP addresses of the servers from where the message has passed. To get the IP address of the sender’s mail server, GFI MailEssentials checks all the IP’s in the header until an IP is:

1. Found in the perimeter SMTP servers list.
2. Followed by an IP address which is not in the perimeter SMTP servers list. The latter IP is the external IP.

The following example assumes that 216.218.202.33 is in the perimeter list. GFI MailEssentials is installed on ‘hostb’ and is being forwarded email from ‘hosta’ (216.218.202.33).

Received: from hosta ([216.218.202.33]) by hostb with Microsoft SMTPSVC;
Tue, 11 Jan 2005 18:53:30 +0100
Received: from external.com ([121.122.123.124]) by hosta with Microsoft SMTPSVC;
Tue, 11 Jan 2005 18:53:19 +0100
…
From: <someone@somedomain.com>

Using the logic detailed above, GFI MailEssentials will find the perimeter IP which is followed by a non-perimeter IP, in this case 121.122.123.124. If somedomain.com confirms that 121.122.123.124 is allowed to send email on its behalf, the email will be passed through the rest of the anti-spam plug-in, otherwise the email is marked as spam.

Points to note:

• It is important to note that all public perimeter IP’s should be included in the GFI MailEssentials configuration as GFI MailEssentials will search for them when parsing message headers.
• Confirm which DNS-server GFI MailEssentials uses. In most cases this will be an internal DNS server. If you have an external zone in your internal DNS server, then you need to setup the SPF-record for your domain in the DNS-record of your internal DNS server as well as the external one.
• More information regarding the Sender Policy Framework (SPF) can be found at: http://openspf.org/
• Further information on how to create an SPF record for your domain can be found in the following Microsoft Knowledgebase article:  http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/

In Part 2 of this article we will be reviewing how to create SPF records for your domain and determine domain names.