This will assist with the detection of forged emails which appear to originate from an IBKR source address by ensuring that the emails we send originate from a server allowed to send emails on your behalf. This requires that you include the record "spfext.ibkr.com". See the two examples below:
This, along with the SPF record, will allow the email recipient's server to authenticate and deliver the email and protect your domain from unauthorized use. This requires that you create a DMARC record if one does not already exist. Implementation examples are as follows:
See example below for use with IBKR domain "ibext-selector1.dkim.ibkr.com":
As we are sending emails on your behalf, we cannot receive emails on your behalf (as we do not own the domain). As such, we are asking you to setup this forwarding logic to assist us with tracking emails that are not delivered.
This should be looked at as a simple receive email and forwarding email logic.
IBKR regional bounce email addresses:
email@example.com (Europe with the exception of UK)
firstname.lastname@example.org (HK and other Asian countries)
NOTE: abcbrokers.com is used for example purposes only! You should replace any instance of abcbrokers.com with your domain name.
As email spam / spoofing has increased, email servers are taking stricter measures to block or mark emails as spam that do not appear to be coming from a trusted source.
IBKR is upgrading email infrastructure to adhere to standards and is requiring clients who opted to white brand email communications to take the same measures to ensure emails are delivered in a safe manner and are not interpreted by the recipient server as spam.
Failure to implement these changes by the deadline will result in IBKR disabling white branded communications resulting in future communications being sent from an IBKR domain.
This is not supported for the emails IBKR sends on your behalf.