Thanks for the example.
I am testing the SPF record on a spare domain I have that I am not dependant on the email address of (but has the same symptom at present), and will update the thread on how that goes.
There are a number of checkers and syntax generators online to help.
In the mean time, now we are just over 34 hours since I really noticed an issue, I am getting message delayed notifications (the example below was with gmail configured to send as my domain using my BT smtp credentials):
Delivery to the following recipient has been delayed:
Message will be retried for 1 more day(s)
Technical details of temporary failure:
Google tried to deliver your message, but it was rejected by the relay mail.btinternet.com [220.127.116.11].
The error that the other server returned was:
421 Too many messages (18.104.22.168) from 22.214.171.124
Interestingly I have had these messages before recently, but oddly was not actually having any issue previously with message delivery. In some cases previosuly I would get a notification as above, long after I know the email had actually been delieverd.
Online checkers are retrieving the new SPF record for my domain, so assuming populated correctly (I am quite confident it is), this is not solving the problem (good knowledge to have picked up though).
In regards to your SPF record then you are correct about the format. For example say your current SMTP server has an IP address of 126.96.36.199xx and you wanted to use @btinternet.com SMTP server with your credentials then your SPF record may look like:
"v=spf1 ip4:188.8.131.52xx ip4:184.108.40.206/24 include:_spf.mail.yahoo.com ~all" (this is with a soft fail)
You may need to add _spf.mail.yahoo.com if your email service is still hosted on the BT Yahoo platform.
As to the DKIM signature then as you are using a third party SMTP server this can be difficult to achieve as you don't have control or agreement over the public keys.
As to the 421 SMTP error, this usually occurs when there is a routing issue or if there is some sort of policy in place to reject connections from a server or SMTP relay using that SMTP server if too many occur over a specific time period.
I have succesfully implemented the SPF for my domain. I can see via sending to a test hotmail account that this has had an immediate effect on the email no longer being flagged as failing fraud detection checks. So some good there.
However this has not solved the 421 email dealyed issue I see more often than not when sending as my domain via SMTP, especially via gmail (with BT smtp).
BT support advised they are aware of the issue, but see it as a side effect of the security lock down after the hacking. They were not willing to keep a case open to investigate as when I send as my BT address there is not an issue.
The account sub accounts that I thought were OK were not after further tests. I have now had to reconfigure all of my accounts to use gmail smtp.
While the volume of customer that use BT smtp to send as other domains may be a minority, I am sure this is still a signficant number of customers. If a mod is willing to pick this up to get to a team that can help, please contact me. Where BTmail customers can validate a domain belongs to them, it would be nice to continue using BT SMTP.