Sender Policy Framework (SPF) rules in HRA Cloud


Sender Policy Framework (SPF) is a simple email-validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain comes from a host authorized by that domain's administrators. SPF rules allow multiple external applications to send emails for a given domain (e.g and to have that sender authorized to do so.

It is commonly used by products such as Google Apps, Office 365, Mail chimp, etc to allow their applications to send emails for client domains. Without the necessary rules in place, servers receiving emails treat the emails as spam and block it – as though it were coming from an unauthorized sending application.



When configuring application and email addresses within HRA Cloud (screenshot below) as shown in the screenshot below, you also need to ensure your SPF rules are updated to validate HRA Cloud’s mail server.


SPF rules are implemented by adding a DNS TXT entry which lists the allowed.

HRA Cloud’s email server is “” (a little context: Peopleinsite was HRA Cloud’s predecessor). Adding HRA Cloud as a valid email sender requires adding a “” entry to your SPF rule.


Using HRA Cloud’s own entry as an example:



The above may sound highly technical and be confusing for users from a non-technical background (it’s taken a great deal of time for our technical people to fully explain it to the Client Experience team!).

That said, the people who administer your email or system infrastructure (your internal IT team or external IT provider) should be able to implement this change with minimal effort and impact.

If you or they have questions on this process, please don’t hesitate to contact the HR Assured Client Experience Team.