They allow you to control how you appear if you want to send mail through FastMail on behalf of one of your other external mail accounts, as well as from FastMail itself.
To manage identities:
If you specify
*@domain.tld for an account identity email address, then you will be able to specify something different to replace the
* with for each individual message that you send using this identity.
Each identity has a number of options associated with it:
Fromheader of emails you send.
Fromaddress. Leave this blank unless you explicitly want replies to go to a different address.
Bcccopy of every email you send from this identity will be sent to the email addresses you specify here. This list can be generated out of your address book via auto-completion.
Bcccopy of every email you send via an external client with a
Fromemail address matching this account identity will also be sent to the Auto BCC addresses given above.
Fromemail address matching this identity. Attachments will always be included with the message in this case, regardless of the Include attachments option.
Send via — Normally when you send email, the email will be sent via the FastMail server. From there, we find the appropriate server for each recipient of the email, and forward it on to that server directly.
However, if the domain of the email address is not hosted with FastMail, you probably want to send via that domain's SMTP server if possible to ensure your messages are delivered reliably (see the note below on SPF issues).
465if using "SSL/TLS encrypted" security.
If you just want to use an identity for BCC on 3rd party clients or Save a copy on 3rd party clients, you can put a
* in the email address on either side of the
@ to make it match anything. For instance,
*@fastmail.com will match any
@fastmail.com email address you send with. If you have an identity with a specific email address that matches a
From address, that will take precedence;
* matches will only occur as a fallback.
For use within the web interface, it's not meaningful to use identities which have a
* in the domain part: you'll probably just end up with a bounced email.
SPF was an attempt to reduce spam by stopping people forging the domain in the SMTP MAIL FROM envelope of sent email.
Unfortunately SPF has not reduced spam at all because: a) no user ever sees the SMTP MAIL FROM envelope, so it doesn't stop spammers forging the
From header users see in emails, and b) anyone can set up SPF on any domain they own, and SPF doesn't tell you which domains to actually trust.
Whether the SPF checks pass or fail has little correlation with whether a message is spam or not. We can see this in the SpamAssassin scores, which show that SPF failures have quite a low score.
score SPF_PASS -0.001 score SPF_FAIL 0 0.919 0 0.001 # n=0 n=2 score SPF_NEUTRAL 0 0.652 0 0.779 # n=0 n=2 score SPF_SOFTFAIL 0 0.972 0 0.665 # n=0 n=2
Additionally, SPF breaks the simple forwarding of emails between systems, and requires a separate system called SRS to rewrite the SMTP MAIL FROM envelope and to forward bounces back through the forwarding system.
Despite that, some systems treat SPF failures as a sign of spaminess, so you may want to make sure your sent emails pass SPF tests. If you are sending email with a
From address from a domain that's not hosted with FastMail and doesn't have specific SPF records authorising our servers, you should send via that domain's SMTP server instead, using the Send messages using an external SMTP server option.