One of my Web applications is hosted on 1&1 and it generally performs fine except for one problem. I have the application set up to send me emails based on certain events and I have noticed that some of those emails land in my spam folder. Here's why.
The problem with applications on 1&1 shared hosting (and maybe other hosting companies) is that outbound emails undergo Sender Rewriting Scheme (SRS) which changes the return path in the mail envelope to a domain owned by 1&1. For example the return path is changed from firstname.lastname@example.org to SRS0=pikB=NEemail@example.com and the email is launched from one of the 1&1 email servers, for example a server at ip address 22.214.171.124.
Since I don't own the domain srs.perfora.net, I can't add that ip address to the list of authorized senders. A quick SPF record check for srs.perfora.net shows the following:
"v=spf1 ip4:126.96.36.199/25 ?all"
This is telling other servers that any @srs.perfora.net email originating from 188.8.131.52/25 is legitimate, and all others may or may not be spam. And so receiving servers could route incoming emails from unknown ip addresses to spam folders and that is what's happening in my case.
I contacted 1&1 support regarding this issue, but they replied that spf record is not
supported for 1&1 domains and referred me to this link.
So at this point I have no choice but to check my spam folders frequently looking for misidentified emails. And if you have a 1&1 hosted application that sends emails, be warned. Those emails could be landing in your users' spam folders.
And finally to 1&1, the time to fix this issue is way overdue, and it's so simple to fix.