SPF guidance

What is SPF and how might it affect me?

DTS is rolling out an extra security feature for email; Sender Policy Framework (SPF). The feature was enabled on Tuesday the 1st of March 2022. 

SPF is an email-authentication standard used to prevent spammers from sending messages that appear to come from LSE’s domain (i.e., Spoofing). It also helps to ensure that emails are delivered correctly – without being delivered to a recipient's spam box. 

Personal LSE email (using Office365 / Outlook) will be unaffected, which is the majority of our email use.  

Processes that use external mail service providers (Such as Mailchimp or Salesforce) will have to have their settings updated in these external services to benefit from the additional protection. DTS has already liaised with a several of the main users of these services to advise them how to make the necessary changes. 

What are the changes LSE is making and why?

Email services did not require an SPF record in the past however, over the last year it has become a much more widely used industry standard and has become expected by many of the main email providers.  As such, LSE will be adding a SPF record to our mail email domain (@lse.ac.uk) and moving all externally provided mail services, (e.g. Mailchimp), to a specific doman for their use: @mail.lse.ac.uk.

Which services should be moved to the @mail.lse.ac.uk domain?

Any externally provided services, (i.e. not from Office 365/Outlook), which sends emails that appear to come from the @lse.ac.uk domain will need to be moved to the @mail.lse.ac.uk domain.  This domain already has a SPF record set up to protect it.  There is a specific list of external services who are trusted and verified for use:

  • activecampaign.com
  • LSE Mailer
  • Mailchimp
  • Mandrill
  • OneFinance
  • Populo
  • Qualtrics
  • Salesforce
  • SalesForce Marketing Cloud
  • Salesforce TargetX
  • Zoho

The external service provider I use is not listed above; can I add it?

Each SPF record has a limit to the number of services that can be added to it.  As such these specific external service providers are currently the only ones approved. If the service you want to use is not in the list above, please contact us and, if possible, we can add it. However, if the functionality is replaced by a service in the list above, you may be asked to change service providers.

FAQ's

How do I configure the external service I use to use @mail.lse.ac.uk once my request has been approved?

Once we have approved your request you will have to update the external provider with the details.  Unfortunately, we are unable to advise on the specifics suppliers will have to use to configure their systems.

Should I make any preparations before I reconfigure the service I use to send from @mail.lse.ac.uk?

The main issue you may encounter is that some people may be unaware of the change to the domain causing confusion and uncertainty around the new @mail.lse.ac.uk email address used.  We highly recommend that you communicate to your audience that this change will happen before you make the move.

How do I apply?

I am setting up a new service with an external provider:

N.B. Requests for a new service from an external provider must first undergo a wider assessment, even before your SPF request can be approved.

Send an email to LSE Tech Support (tech.support@lse.ac.uk) with the title: New service external email service provider request

You will need to include the following details:

1) The address you plan to use

2) The name of the external provider and service you wish to use

3) A brief outline of what you intend to use this service for, (incl. the target audience)


 

I am updating an existing service with external provider:

Send an email to LSE Tech Support (tech.support@lse.ac.uk) with the title: Existing service SPF request

You will need to include the following details:

1) The address you wish to use

2) The name of the external service provider along with any documentation they provide around their specific SPF requirements.  This should be published by the provider but you may have to approach them for these details

3) A completed copy of the Cloud Assurance Questionnaire for the Information Security team's assessment

My application has been approved; how do I make the changes with my external service provider?

DTS does not support any services provided by these 3rd parties. You need to contact your service provider and ask for support on how to change your sender address to "@mail.lse.ac.uk".  We have provided a link of relevant guides to most of the approved providers mentioned on the above list:

activecampaign.com - https://help.activecampaign.com/hc/en-us/articles/115001053510

Mailchimp - https://mailchimp.com/help/edit-your-emails-subject-preview-text-from-name-or-from-email-address/

Mandrill – See: Mailchimp

Populo - https://knowledgebase.poppulo.com/articles/How_To/To-Change-your-Default-Sender-Details

Qualtrics - https://www.qualtrics.com/support/survey-platform/distributions-module/email-distribution/using-a-custom-from-address/

Salesforce - https://help.salesforce.com/s/articleView?id=000340139&type=1

Zoho - https://www.zoho.com/mail/help/dynamic-from-address.html

(Links are accurate at time of writing - 01/03/2022. For further support please contact your provider)