Sender Policy Framework (SPF) is an email authentication method thath works through DNS records.

When an email server receive an email, it run a query to DNS in order to obtain the SPF record relative to the sender.
In the SPF record there is a list of domain/ip addresses that are allowed to send messages with sender's domain.

A failed SPF check can lead to messages with bad reputation (and so marked and treated as SPAM) or messages completely rejected.

When you own a TOWeRS/CASTLE system or you are a BRIDGE client, we usually send email using your domain as the sender address. This means that you should update your SPF record (in your DNS settings) in order to "whitelist" our mail servers.

Our ip ranges are:

ip4:185.88.116.0/22 ip4:91.102.128.0/21 ip4:5.252.44.0/23 ip6:2a01:7140::0/32 ip6:2a05:ca40::0/29 ip6:2a09:4340::/48

But we recommend that you use the dedicated

include:_spf.netstorming.net

record, which includes only the selected addresses we use to deliver email.
The advantage of using the include directive over listing IP classes is that you only authorize what is strictly necessary and at the same time we can guarantee to keep the value always up to date and correct without the need for further intervention on your part.

So, as an example, if your actual SPF record is something like this

v=spf1 mx a ptr include:_spf.google.com include:yourdomain.net ip4:8.8.8.8/32 ~all

you should edit and turn that in someting like this

v=spf1 mx a ptr include:_spf.google.com include:yourdomain.net include:_spf.netstorming.net ip4:8.8.8.8/32 ~all